Rewterz Threat Alert – Malicious URLs Using Covid-19
April 24, 2020Rewterz Threat Alert – TA505 New Coronavirus Campaign
April 27, 2020Rewterz Threat Alert – Malicious URLs Using Covid-19
April 24, 2020Rewterz Threat Alert – TA505 New Coronavirus Campaign
April 27, 2020Severity
Medium
Analysis Summary
PHPGurukul Complaint Management System is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the resgistration.php script. A remote attacker could exploit this vulnerability using a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
Impact
Cross-Site Scripting
Affected Vendors
PHPGurukul
Affected Products
PHPGurukul Complaint Management System 4.2
Remediation
Upgrade to the latest version of PHPGurukul Complaint Management System (4.3 or later)