VULHUB ™

It has been reported that SignHere does not sufficiently filter user-supplied values from the 'email' field. As a result, attackers may embed malicious script code or HTML into SignHere posts. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software.

It has been reported that SignHere does not sufficiently filter user-supplied values from the 'email' field. As a result, attackers may embed malicious script code or HTML into SignHere posts. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software.