vendor:
Match Agency BiZ
by:
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: Match Agency BiZ
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Cross-Site Scripting in Datetopia Match Agency BiZ
The Datetopia Match Agency BiZ application is prone to multiple cross-site scripting vulnerabilities due to improper sanitization of user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the context of an unsuspecting user's browser. This can lead to the theft of authentication credentials and facilitate further attacks.
Mitigation:
To mitigate these vulnerabilities, it is recommended to properly sanitize and validate user-supplied input before using it in the application.