CVE-2015-10032

Name of the Vulnerable Software and Affected Versions HealthMateWeb (affected versions not specified)

Description A vulnerability was found in HealthMateWeb, affecting an unknown functionality of the file createaccount.php. The manipulation of the arguments username, password, first name, last name, company, or phone leads to cross-site scripting. The attack can be launched remotely.

Recommendations To fix this issue, it is recommended to apply the patch 472776c25b1046ecaf962c46fed7c713c72c28e3. As a temporary workaround, consider restricting access to the createaccount.php file until the patch is applied. Avoid using the arguments username, password, first name, last name, company, or phone in the affected file until the issue is resolved.