VULHUB ™

It has been reported that Atrise Everyfind is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the search module of the software. This issue may allow a remote attacker to execute HTML or script code in user's browser. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. Other attacks may well be possible. Atrise Everyfind 5.02 has been listed as a vulnerable package, however other versions may be affected as well.

It has been reported that Atrise Everyfind is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the search module of the software. This issue may allow a remote attacker to execute HTML or script code in user's browser. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. Other attacks may well be possible. Atrise Everyfind 5.02 has been listed as a vulnerable package, however other versions may be affected as well.