Vulnerability: BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting

BIBLIOsoft BIBLIOpac 2008 contains a cross-site scripting vulnerability via the db or action parameter to bin/wxis.exe/bibliopac/, which allows a remote attacker to inject arbitrary web script or HTML.

Impact

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary scripts in the victim’s browser, leading to session hijacking, defacement, or theft of sensitive information.

Severity

medium

Verified

Unknown