Submit #274372: COGITES eReserv v7.7.58 Reflected XSS (authenticated)info

TitelCOGITES eReserv v7.7.58 Reflected XSS (authenticated)
BeschreibungYou will have to authenticate to their demo online for the purpose of this PoC On admin panel (Authenticated): The "id=" parameter on tenancyDetail.php is vulnerable to reflected XSS. proof of concept: https://my.e-reserv.com/00000000ereservpro/front/admin/tenancyDetail.php?id=id=%22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E
Benutzer
 rubx (UID 62535)
Einreichung28.01.2024 17:57 (vor 2 Jahren)
Moderieren29.01.2024 14:35 (21 hours later)
StatusAkzeptiert
VulDB Eintrag252303 [Cogites eReserv 7.7.58 tenancyDetail.php ID Cross Site Scripting]
Punkte15

Might our Artificial Intelligence support you?

Check our Alexa App!