Medium
CVSS 5.4
Overview
An issue was discovered in Viki Vera 4.9.1.26180. An attacker could set a user's last name to an XSS Payload, and read another user's cookie and use that to login to the application.
An issue was discovered in Viki Vera 4.9.1.26180. An attacker could set a user's...
An issue was discovered in Viki Vera 4.9.1.26180. An attacker could set a user's last name to an XSS Payload, and read another user's cookie and use that to login to the application.
This vulnerability is rated 🟡 MEDIUM.
Recommended actions: