VULHUB ™

DCP-Portal is prone to cross-site scripting attacks. This is due to insufficient sanitization of data passed to the 'search.php' script via URI parameters. As a result, it is possible for a remote user to create a malicious link to a site hosting the vulnerable software which contains hostile HTML and script code. If the link is visited, the attacker-supplied script code and HTML may be interpreted by the user's web browser. This could allow for compromise of cookie-based credentials or other possible attacks. DCP-Portal 5.3.1 is reported to be affected. Other versions may also be affected.

DCP-Portal is prone to cross-site scripting attacks. This is due to insufficient sanitization of data passed to the 'search.php' script via URI parameters. As a result, it is possible for a remote user to create a malicious link to a site hosting the vulnerable software which contains hostile HTML and script code. If the link is visited, the attacker-supplied script code and HTML may be interpreted by the user's web browser. This could allow for compromise of cookie-based credentials or other possible attacks. DCP-Portal 5.3.1 is reported to be affected. Other versions may also be affected.