VULHUB ™

ScozBook does not adequately filter some HTML code thus making it prone to HTML injection attacks. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. The attacker may hijack the session of the legitimate by using cookie-based authentication credentials. Other attacks are also possible.

ScozBook does not adequately filter some HTML code thus making it prone to HTML injection attacks. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. The attacker may hijack the session of the legitimate by using cookie-based authentication credentials. Other attacks are also possible.