header-logo
Suggest Exploit
vendor:
SimpLISTic SQL
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: SimpLISTic SQL
Affected Version From: 2
Affected Version To: 2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2021

Cross-Site Scripting Vulnerability in SimpLISTic SQL

SimpLISTic SQL is prone to a cross-site-scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize all user-supplied input and implement proper output encoding to prevent the execution of arbitrary script code.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/45040/info

SimpLISTic SQL is prone to a cross-site-scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

SimpLISTic SQL 2.0 is vulnerable; other versions may also be affected.

Email: email@example.com&lt;/textarea&gt;<script>alert(&#039;XSS vulnerability&#039;)</script>

Navigation

Suggest Exploit

Services By CQR