6.6 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.7%
List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a “|” (pipe), which is used as a field delimiter, into the bannerurl field.
securityreason.com/securityalert/3230
www.securityfocus.com/archive/1/308300
www.securityfocus.com/bid/6685
exchange.xforce.ibmcloud.com/vulnerabilities/11156