VULHUB ™

It has been reported that Verity K2 Toolkit does not sufficiently filter user-supplied search parameters. As a result of this reported deficiency, it may be possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user, if the link is followed. This may allow for theft of cookie-based authentication credentials and other attacks.

It has been reported that Verity K2 Toolkit does not sufficiently filter user-supplied search parameters. As a result of this reported deficiency, it may be possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user, if the link is followed. This may allow for theft of cookie-based authentication credentials and other attacks.