VULHUB ™

A vulnerability has been reported in XMB Forum that may result in HTML injection. The vulnerability occurs because XMB Forum fails to sufficiently sanitize user-supplied input that is used for the 'Location' field in a registered users personal information page. Other fields may also be similarly affected. Due to this condition, a malicious user may be able to insert malicious HTML or script code, as 'Location' field data. Any attacker-supplied code will be interpreted in a victim user's web browser in the security context of the site hosting the software.

A vulnerability has been reported in XMB Forum that may result in HTML injection. The vulnerability occurs because XMB Forum fails to sufficiently sanitize user-supplied input that is used for the 'Location' field in a registered users personal information page. Other fields may also be similarly affected. Due to this condition, a malicious user may be able to insert malicious HTML or script code, as 'Location' field data. Any attacker-supplied code will be interpreted in a victim user's web browser in the security context of the site hosting the software.