Severity: High (Critical) | CVSS Score: 9.8
Description: The form input fields are vulnerable to cross-site scripting (XSS) attacks because input is not properly sanitized.
Exploit Method: Malicious JavaScript code is injected into form inputs and then executed on the client side.
Impact: Unauthorized users can execute arbitrary scripts, leading to data theft, session hijacking, or other malicious actions.
Solution: Implement input sanitization and validation, use HTML injection prevention techniques, and ensure proper HTTP responses are sent.