AVideo cross-site scripting vulnerability in the view/about.php page

The PHP file view/about.php is vulnerable to an XSS issue due to no sanitization of the user agent. At line 53, the website gets the user-agent from the headers through $SERVER'HTTPUSERAGENT' and echo it without any sanitization. In PHP, echo a user generated statement, here the User-Agent Header...

Duplicate Advisory: AVideo cross-site scripting vulnerability in the view/about.php page

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-f98p-2hc5-fm7v. This link is maintained to preserve external references. Original Description WWBN AVideo 12.4 is vulnerable to Cross Site Scripting XSS...