Cross Site Scripting (XSS) vulnerability in Genetechsolutions Pie Register 3.0.15 allows session cookie theft

Cross Site Scripting (XSS) vulnerability in Genetechsolutions Pie Register 3.0.15 allows session cookie theft

CVE-2019-1010207 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scripting (XSS). The impact is: Stealing of session cookies. The component is: File: Login. Parameters: interim-login, wp-lang, and supplied URL. The attack vector is: If a victim clicks a malicious link, the attacker can steal his/her account. The fixed version is: 3.0.16.

Learn more about our Web Application Penetration Testing UK.