VULHUB ™

Splatt Forum has been reported prone to a HTML injection vulnerability. An attacker may save a Splatt Forum post form, and modify it so that the post icon value contains arbitrary attacker supplied HTML code. As a result, a malicious user may have the ability to submit a post to the site containing embedded script code. This code would be executed by a user's browser in the context of the vulnerable site.

Splatt Forum has been reported prone to a HTML injection vulnerability. An attacker may save a Splatt Forum post form, and modify it so that the post icon value contains arbitrary attacker supplied HTML code. As a result, a malicious user may have the ability to submit a post to the site containing embedded script code. This code would be executed by a user's browser in the context of the vulnerable site.