vendor:
WWWThread
by:
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: WWWThread
Affected Version From: 5.0.8 Pro
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Cross-Site Scripting Vulnerability in WWWThread
The application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user, potentially stealing authentication credentials and launching other attacks.
Mitigation:
Proper input validation and sanitization should be implemented to prevent cross-site scripting vulnerabilities. Regular security updates and patches should be applied.