Enviar #792394: BichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS)información

TítuloBichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS)
DescripciónThe application allows users to update their profile information, including the fullname field. This input is stored in the database and later rendered in various parts of the application without proper output encoding. An attacker can inject malicious JavaScript into the fullname field, which will execute in the browser of any user viewing the affected page, including administrators.
Fuente⚠️ https://github.com/4m3rr0r/PoCVulDb/issues/17
Usuario
 4m3rr0r (UID 85795)
Sumisión2026-03-29 15:01 (hace 28 días)
Moderación2026-04-19 18:32 (21 days later)
EstadoAceptado
Entrada de VulDB358258 [BichitroGan ISP Billing Software 2025.3.20 Profile Page users-view secuencias de comandos en sitios cruzados]
Puntos19

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!