Advanced Research SARA has been reported prone to an HTML injection vulnerability. The issue reportedly exists because banner data enumerated from remote services is not sufficiently sanitized. Successful exploitation of this issue may allow a remote attacker to steal cookie-based authentication credentials. Other attacks are possible as well. The impact of this issue may be exacerbated because the affected software invokes the web browser, and the software must be run as the root user.
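An added example (not SARA's code and not part of the advisory), in Python: a report row built from raw banner bytes, next to one that treats the banner as untrusted data before it reaches the HTML report. The sample banners, the function names and the 200-character cap are assumptions made for illustration.

```python
import html
import re

# Constructed sample banners (hypothetical scan results, not from the advisory).
# The second carries markup and the third carries control bytes, as a hostile
# service could return.
SAMPLE_BANNERS = [
    ("192.0.2.10", 21, b"220 ProFTPD Server ready.\r\n"),
    ("192.0.2.66", 21, b"220 <script>document.title='injected'</script>\r\n"),
    ("192.0.2.67", 25, b"220 mail\x00\x1b[2J \xff\xfe ESMTP\r\n"),
]

MAX_BANNER_LEN = 200  # assumed cap; keeps one service from flooding the report
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def render_row_unsafe(host, port, banner):
    """The flawed pattern: banner bytes are pasted into the HTML as-is."""
    text = banner.decode("latin-1").strip()
    return f"<tr><td>{host}</td><td>{port}</td><td>{text}</td></tr>"


def clean_banner(banner):
    """Treat the banner as untrusted: decode, strip controls, cap, then escape."""
    text = banner.decode("utf-8", errors="replace")
    # Truncate before escaping so an entity such as &lt; is never cut in half.
    text = _CONTROL.sub(" ", text).strip()[:MAX_BANNER_LEN]
    return html.escape(text, quote=True)


def render_row_safe(host, port, banner):
    """Escape every field that originates outside the report generator."""
    return (f"<tr><td>{html.escape(str(host))}</td><td>{int(port)}</td>"
            f"<td>{clean_banner(banner)}</td></tr>")


def render_report(rows, row_fn):
    """Build the report table using the given row renderer."""
    body = "\n".join(row_fn(h, p, b) for h, p, b in rows)
    return f"<table>\n{body}\n</table>"


if __name__ == "__main__":
    print(render_report(SAMPLE_BANNERS, render_row_unsafe))
    print(render_report(SAMPLE_BANNERS, render_row_safe))
```

In the unsafe output the second banner becomes live markup in whatever browser opens the report; in the safe output it is displayed as text.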