SecPod Research Team member (Deependra Bapna) has found Multiple Stored Cross-site.
Scripting Vulnerabilities(CVE-2015-4673) in ClipBucket. The vulnerabilities are due to improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, and access or modify data.
Complete Advisory information can be found here.
Welcome any feedback or suggestions.
Cheers!
SecPod Research Team