VULHUB ™

Hyper NIKKI System (hns) is web diary software. It will run on most Unix and Linux variants. Cross-site scripting issues have been discovered in the log.cgi and title.cgi scripts. This may enable an attacker to cause arbitrary script code to be executed on legitimate users of the web diary. Script code will be executed in the legitimate user's browser, in the context of the vulnerable website. This issue may be exploited by an attacker to steal cookie-based authentication credentials from a user of the web diary.

Hyper NIKKI System (hns) is web diary software. It will run on most Unix and Linux variants. Cross-site scripting issues have been discovered in the log.cgi and title.cgi scripts. This may enable an attacker to cause arbitrary script code to be executed on legitimate users of the web diary. Script code will be executed in the legitimate user's browser, in the context of the vulnerable website. This issue may be exploited by an attacker to steal cookie-based authentication credentials from a user of the web diary.