Enviar #329673: SourceCodester Prison Management System 1.0 Cross Site Scriptinginformación

TítuloSourceCodester Prison Management System 1.0 Cross Site Scripting
DescripciónA vulnerability has been discovered in SourceCodester Prison Management System 1.0. This issue affects the file /Employee/edit-profile.php and /Employee/profile.php, where several parameters including txtfullname, txtdob, txtaddress, txtqualification, cmddept, cmdemployeetype, and txtappointment are echoed directly into the HTML without proper sanitization or validation. This oversight allows attackers to inject arbitrary JavaScript code into the page, leading to potential cross-site scripting (XSS) attacks.
Fuente⚠️ https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss.md
Usuario
 yylm (UID 67976)
Sumisión2024-05-05 08:47 (hace 2 años)
Moderación2024-05-05 09:07 (21 minutes later)
EstadoAceptado
Entrada de VulDB263116 [SourceCodester Prison Management System 1.0 edit-profile.php secuencias de comandos en sitios cruzados]
Puntos20

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!