VULHUB ™

It has been reported that Siteframe does not sufficiently filter user supplied URI parameters on Siteframe pages. As a result of this deficiency, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user. All code will be executed within the context of the website running Siteframe. This may allow for theft of cookie-based authentication credentials and other attacks. This vulnerability was reported to affect Siteframe version 2.2.4, it is not currently known if other versions are affected.

It has been reported that Siteframe does not sufficiently filter user supplied URI parameters on Siteframe pages. As a result of this deficiency, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user. All code will be executed within the context of the website running Siteframe. This may allow for theft of cookie-based authentication credentials and other attacks. This vulnerability was reported to affect Siteframe version 2.2.4, it is not currently known if other versions are affected.