VULHUB ™

MyMarket is prone to cross-site scripting attacks. HTML tags and script code are not sanitized from CGI variables which may cause user-supplied input to be displayed. As a result, an attacker can create a link to a site running the vulnerable software which contains malicious attacker-supplied HTML and script code. When this link is visited, the attacker-supplied code will execute in the user's web client in the security context of the site hosting the software.

MyMarket is prone to cross-site scripting attacks. HTML tags and script code are not sanitized from CGI variables which may cause user-supplied input to be displayed. As a result, an attacker can create a link to a site running the vulnerable software which contains malicious attacker-supplied HTML and script code. When this link is visited, the attacker-supplied code will execute in the user's web client in the security context of the site hosting the software.