Summary
Turnkey eBook Store is prone to a cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials.
Turnkey eBook Store 1.1 is vulnerable
other versions may also be
affected.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
- 12Planet Chat Server one2planet.infolet.InfoServlet XSS
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- Apache Tomcat source.jsp malformed request information disclosure
- An Image Gallery Multiple Cross-Site Scripting Vulnerability