| Título | sourcecodester Computer Laboratory Management System 1.0 Execution After Redirect (EAR) and Stord XsS |
|---|
| Descripción | The Computer Laboratory Management System suffers from two critical vulnerabilities: Execution After Redirect (EAR) - Authorization Bypass and Stored Cross-Site Scripting (XSS). The EAR flaw allows unauthorized users to circumvent authentication controls, potentially leading to unauthorized access and data compromise. Additionally, the XSS vulnerability enables attackers to inject and execute malicious scripts, posing risks of session hijacking, data theft, and malware propagation. Remediation involves proper script termination, input validation, and output encoding to mitigate these vulnerabilities. Regular security audits and updates are essential to maintaining system integrity and safeguarding against exploitation. |
|---|
| Fuente | ⚠️ https://github.com/Sospiro014/zday1/blob/main/ear_stord_xss.md |
|---|
| Usuario | SoSPiro (UID 67134) |
|---|
| Sumisión | 2024-04-05 12:55 (hace 2 años) |
|---|
| Moderación | 2024-04-05 15:33 (3 hours later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 259498 [SourceCodester Computer Laboratory Management System 1.0 SystemSettings.php?f=update_settings Nombre secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 20 |
|---|