| शीर्षक | The Sourcecodester Contact Manager App has a DOM-XSS vulnerability |
|---|
| विवरण | DOM-based XSS (Cross-Site Scripting) is a type of web application vulnerability. It arises when an application writes user-controlled input to the Document Object Model (DOM). The web browser then dynamically interprets this data, allowing an attacker to run malicious code within the user's browser.
After testing, it was found that in The Sourcecodester Contact Manager App, it is possible to insert XSS payload in the contact information, leading to DOM-XSS.
Please refer to the Exploit link for vulnerability proof. |
|---|
| स्रोत | ⚠️ https://skypoc.wordpress.com/2023/09/05/vuln1/ |
|---|
| उपयोगकर्ता | gikaku (UID 53862) |
|---|
| सबमिशन | 06/09/2023 01:44 AM (3 साल पहले) |
|---|
| संयम | 09/09/2023 10:16 AM (3 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 239355 [SourceCodester Contact Manager App 1.0 Contact Information index.php contactID क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 20 |
|---|