pLog is prone to an HTML injection vulnerability that is exposed via the user registration form. Fields in the form are not adequately sanitized of HTML and script code. This may permit execution of hostile script code when a user views pages that include the injected code. The hostile code would be rendered in the context of the site hosting the vulnerable software. Exploitation could allow for theft of cookie-based authentication credentials or other attacks.
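The following sketch is an added example, not pLog's own code: it contrasts the pattern the advisory describes (registration fields written into a page without encoding) with output encoding, input validation and an HttpOnly session cookie. The field names, function names and sample data are hypothetical and constructed for illustration.

```php
<?php
// Limits the cookie-theft impact named in the advisory: script cannot read the session cookie.
ini_set('session.cookie_httponly', '1');

// Constructed registration data; field names are assumptions, not pLog's schema.
$registration = [
    'username'  => 'alice',
    'full_name' => 'Alice <script>document.title="injected"</script>',
    'email'     => 'alice@example.org',
];

// Vulnerable pattern: stored field values are concatenated into the page as-is,
// so any markup in them is rendered in the context of the hosting site.
function render_profile_unsafe(array $user): string
{
    return '<li class="user">' . $user['full_name'] . ' (' . $user['username'] . ')</li>';
}

// Hardened pattern: every field is HTML-encoded at output time.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_profile_safe(array $user): string
{
    return '<li class="user">' . h($user['full_name']) . ' (' . h($user['username']) . ')</li>';
}

// Second layer at registration time: reject markup characters and malformed addresses.
function validate_registration(array $fields): array
{
    $errors = [];
    foreach (['username', 'full_name'] as $name) {
        if (preg_match('/[<>"\'&]/', $fields[$name] ?? '')) {
            $errors[] = "$name contains characters that are not allowed";
        }
    }
    if (filter_var($fields['email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email is not a valid address';
    }
    return $errors;
}

echo render_profile_unsafe($registration), "\n"; // markup passes through unchanged
echo render_profile_safe($registration), "\n";   // markup is shown as inert text
print_r(validate_registration($registration));   // lists the rejected field
```

Encoding at output is the control that closes the hole; validation at registration only narrows what reaches storage and does not cover data already in the database.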