VULHUB ™

Greymatter is reportedly affected by an HTML injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input to 'gm-comments.cgi'. The attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user, other attacks are also possible.

Greymatter is reportedly affected by an HTML injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input to 'gm-comments.cgi'. The attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user, other attacks are also possible.