Vulnerability severity : medium Vulnerability type : cross-site script injection attack cookie theft session hijacking stealing of sensitive information
Remotely exploitable : yes
Vulnerability discovery date : 2012/03/07 Vulnerability discovered by : Gabor Berczi <email@example.com>
Proof of concept exploit created : 2012/03/11 Proof of concept exploit developed by : Gabor Berczi <firstname.lastname@example.org>
Fix created : 2012/03/07 Fix developed by : Gabor Berczi <email@example.com>
Vulnerability reported to vendor : 2011/03/07
Affected products : PRADO (PHP Framework) 3.x
A fix has been already provided for the vulnerability, alongside with a PoC exploit.