It has been reported that ReciPants is vulnerable to SQL injection and cross-site scripting. These issues are due to the application's failure to properly sanitize user-supplied input before using it in database queries. When a query fails, the error message, including the malicious content, is displayed in the victim's browser. These issues may allow an attacker to gain access to sensitive information, corrupt database contents, and steal authentication credentials. Other attacks are also possible.
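The flawed pattern described above, next to a hardened handler, as an added example; it is not ReciPants code, which the advisory does not show. Python, `sqlite3`, the `recipes` table, the function names and the sample inputs are assumptions constructed for illustration.

```python
import html
import logging
import re
import sqlite3

log = logging.getLogger("recipes")

def make_db():
    """Constructed in-memory table standing in for the application's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE recipes (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO recipes (id, name) VALUES (?, ?)",
                   [(1, "Pancakes"), (2, "Chili")])
    return db

def render_unsafe(db, recipe_id):
    """Flawed: input is concatenated into the query, and a failed query's
    error text (which contains that input) is written into the page as-is."""
    sql = "SELECT name FROM recipes WHERE id = " + recipe_id
    try:
        rows = db.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return "<p>Query failed: %s in %s</p>" % (exc, sql)
    return "<ul>%s</ul>" % "".join("<li>%s</li>" % r[0] for r in rows)

def render_safe(db, recipe_id):
    """Hardened: validate the id, bind it as a parameter, log error detail
    server-side only, and HTML-escape everything written into the page."""
    if not re.fullmatch(r"[0-9]{1,9}", recipe_id):
        return "<p>Invalid recipe id.</p>"
    try:
        rows = db.execute("SELECT name FROM recipes WHERE id = ?",
                          (int(recipe_id),)).fetchall()
    except sqlite3.Error:
        log.exception("recipe lookup failed")  # detail stays in the server log
        return "<p>Something went wrong.</p>"
    return "<ul>%s</ul>" % "".join("<li>%s</li>" % html.escape(r[0]) for r in rows)

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a valid id, altered query logic, markup in a failing query.
    for value in ("1", "1 OR 1=1", "1'<b>x</b>"):
        print(repr(value), "unsafe:", render_unsafe(db, value))
        print(repr(value), "safe:  ", render_safe(db, value))
```

Each of the three controls covers a different part of the report: the bound parameter stops the query from being altered, the generic error page removes the reflection path, and output escaping covers values that reach the page from the database.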