VULHUB ™

It has been reported that Divine Content Server is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the 'pagename' attribute in the error page of the software. This issue may allow a remote attacker to execute HTML or script code in user's browser. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. Other attacks may well be possible. Divine Content Server version 5.0 may be vulnerable to this issue, however this information cannot be confirmed at the moment.

It has been reported that Divine Content Server is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the 'pagename' attribute in the error page of the software. This issue may allow a remote attacker to execute HTML or script code in user's browser. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. Other attacks may well be possible. Divine Content Server version 5.0 may be vulnerable to this issue, however this information cannot be confirmed at the moment.