vendor:
SCOOP!
by:
5.5
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: SCOOP!
Affected Version From: 2.3
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Multiple Cross-Site Scripting Vulnerabilities in Commercial Interactive Media SCOOP!
The application fails to properly sanitize user-supplied input, leading to multiple XSS vulnerabilities. An attacker can execute arbitrary script code in the browser of a user visiting the affected site, potentially stealing authentication credentials and enabling other attacks.
Mitigation:
Implement proper input validation and sanitization techniques to prevent XSS attacks. Regularly update the application to the latest version to avoid known vulnerabilities.
