Mollify 'index.php' Cross Site Scripting Vulnerability Network Vulnerability

Summary

Mollify is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary JavaScript code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Mollify 1.6 is vulnerable other versions may also be affected.

References

http://www.mollify.org/
https://www.securityfocus.com/bid/43262

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3462

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
AMSI 'file' Parameter Directory Traversal Vulnerability
Apache Rave User Information Disclosure Vulnerability
Apache Solr Directory Traversal Vulnerability Jan-14

Take action and discover your vulnerabilities