VULHUB ™

File Sharing for NET has been reported prone to a HTML Injection Vulnerability. The issue has been reported to exist in the Forum that ships with the product. A malicious remote attacker may use forum post fields when creating a new forum post to inject arbitrary HTML into dynamically generated content. This issue is due to a lack of sufficient sanitization performed on the affected form fields. An attacker may exploit this vulnerability to execute arbitrary HTML and script code in the browser of an unsuspecting user who views the malicious forum post. Code execution will occur in the context of the vulnerable site. This issue may be exploited to steal cookie based credentials other attacks may also be possible.

File Sharing for NET has been reported prone to a HTML Injection Vulnerability. The issue has been reported to exist in the Forum that ships with the product. A malicious remote attacker may use forum post fields when creating a new forum post to inject arbitrary HTML into dynamically generated content. This issue is due to a lack of sufficient sanitization performed on the affected form fields. An attacker may exploit this vulnerability to execute arbitrary HTML and script code in the browser of an unsuspecting user who views the malicious forum post. Code execution will occur in the context of the vulnerable site. This issue may be exploited to steal cookie based credentials other attacks may also be possible.