Web Chat Manager 2.0 HTML Code Injection Vulnerability

ID EDB-ID:22421
Type exploitdb
Reporter Over_G
Modified 2003-03-25T00:00:00


Web Chat Manager 2.0 HTML Code Injection Vulnerability. Webapps exploit for php platform

                                            source: http://www.securityfocus.com/bid/7190/info

It has been reported that Web Chat Manager is prone to HTML injection attacks. This problem occurs due to insufficient sanitization of user-supplied input. 

As a result of this insufficiency an attacker may embed HTML code via a HTML form field or URI parameter of the Web Chat Manager user registration page.

It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks are also possible.