Thread-ITSQL is prone to a number of HTML injection issues. In particular, when users submit messages, input supplied via the Topic Title, Name and Message form fields is not adequately sanitized of HTML and script code. Remote attackers could exploit this issue to inject hostile HTML and script into the site hosting the software, where it could be rendered in the browsers of users visiting the site.
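The following added example (not Thread-ITSQL's own code, which this page does not show) contrasts rendering the three named fields as stored with encoding them for the HTML context at output time. The template, the function names and the sample submission are assumptions made for illustration.

```python
import html

# Field keys mirror the three form fields named in the advisory.
FIELDS = ("topic_title", "name", "message")

# Constructed sample submission, not taken from a real site.
SAMPLE_POST = {
    "topic_title": '<img src=x onerror="alert(1)">',
    "name": "<b>guest</b>",
    "message": "hello <script>alert(1)</script> & goodbye",
}

# Hypothetical page template; the product's real markup is not on the page.
TEMPLATE = (
    '<div class="post"><h2>{topic_title}</h2>'
    '<span class="author">{name}</span>'
    "<p>{message}</p></div>"
)


def render_post_unsafe(post):
    """The flaw as described: stored values are placed into the page as-is."""
    return TEMPLATE.format(**{f: post[f] for f in FIELDS})


def render_post_safe(post):
    """Mitigation: HTML-encode every user-supplied field when it is output."""
    encoded = {f: html.escape(post[f], quote=True) for f in FIELDS}
    return TEMPLATE.format(**encoded)


def fields_rendered_raw(rendered, post):
    """Regression check: list fields whose markup reached the page unencoded."""
    return [f for f in FIELDS if "<" in post[f] and post[f] in rendered]


if __name__ == "__main__":
    for render in (render_post_unsafe, render_post_safe):
        page = render(SAMPLE_POST)
        print(render.__name__, "->", fields_rendered_raw(page, SAMPLE_POST))
        print(page)
```

A check like `fields_rendered_raw` can run in a test suite against every template that displays user-submitted fields, so a field added later without encoding is caught before release.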