Overview:Cross Site Scripting (XSS) attacks are possible in the username field of karma.php. XSS attacks are scripts injected
injected into any the username field. Although there are precautions taken by Antionline.com to prevent this, input
sanitization is incomplete.
link. Antionline.com allows users to authenticate themselves through cookies, allowing attackers to impersonate victims
through stolen cookies.