Submit #412842: SourceCodester Online Railway Reservation System 1.0 Cross Site Scriptinginfo

TitelSourceCodester Online Railway Reservation System 1.0 Cross Site Scripting
BeschreibungStored XSS vulnerability was discovered in Sourcecodester's Online Railway Reservation System (Ticket Reservation) Affected product: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Affected Component: http://localhost/orrs/admin/?page=reservations The page http://localhost/orrs/?page=reserve&sid=1 has functionality to make a Ticket Reservation by customer, but the insecure design of http://localhost/orrs/admin/?page=reservations makes it vulnerable to send a malicious JavaScript code. Once the admin visits the Reservations page, the JavaScript code gets executed and can be used to steal the admin's cookies. For more details Check Advisory URL
Quelle⚠️ https://github.com/gurudattch/CVEs/blob/main/Sourcecodster-Online-Railway-Reservation-StoredXSS-in-reservetion.md
Benutzer
 guru (UID 74056)
Einreichung24.09.2024 07:19 (vor 2 Jahren)
Moderieren27.09.2024 18:46 (3 days later)
StatusAkzeptiert
VulDB Eintrag278793 [SourceCodester Online Railway Reservation System 1.0 /?page=reserve First Name/Middle Name/Last Name Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!