Submit #287010: SourceCodester Employee Management System 1.0 Stored XSS

Title: SourceCodester Employee Management System 1.0 Stored XSS
Description: This report highlights a stored cross-site scripting (XSS) vulnerability found in the project assignment functionality of the web application. Attackers can inject malicious JavaScript code into the "pname" parameter, leading to potential execution within users' browsers. Exploitation of this vulnerability, accessible via the endpoint /assignproject.php, could result in various malicious activities, such as session hijacking or data theft. The report provides a proof of concept and recommends implementing proper input validation and output encoding techniques to mitigate the risk.
Source: https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20EMPLOYEE%20MANAGEMENT%20SYSTEM/XSS%20Vulnerability%20in%20Project%20Assignment%20Report.md
User: nochizplz (ID 64302)
Submission: 02/23/2024 20:44 (2 months ago)
Moderation: 02/24/2024 08:38 (12 hours later)
Status: Accepted
VulDB Entry: 254694
