CVE-2019-25280

Name of the Vulnerable Software and Affected Versions Yahei-PHP Prober version 0.4.7

Description The software contains a remote HTML injection issue that enables attackers to execute arbitrary HTML code. This is achieved by injecting malicious HTML code into the speed GET parameter of the 'prober.php' file, which can lead to cross-site scripting within user browser sessions. The vulnerable parameter is speed. The API endpoint involved is 'prober.php'.

Recommendations Update to a newer version that contains a fix for this vulnerability.