Cross-site scripting (XSS) vulnerability in index.php in CcCounter 2.0 allows remote malicious users to inject arbitrary web script or HTML via dir parameter.
source: wwwsecurityfocuscom/bid/23135/info
CcCounter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user This may help the attacker steal cookie-based authentica ...