This vulnerability is caused by an input validation error in “views/kohana_error_page.php”. A remote attacker can send a specially crafted HTTP request to the vulnerable application and execute arbitrary html and scripting code in user`s browser in context of a vulnerable website.
Further exploitation of this vulnerability may result in stealing potentially sensitive to the user information, such as cookies, or disguising the information presented on the website.
This may be the fix:
For : Update to version 0.6.22.
Latest posts by Unallocated Author (see all)
- An Interview With the Creator of BugBountyNotes - October 20, 2018
- SickOS 1.2 – Vulnhub CTF Challenge Walkthrough - October 9, 2018
- Tips How To Recover Deleted Files on Windows PC Free and Easily - October 8, 2018