| शीर्षक | keerti1924 Online-Book-Store-Website 1.0 Stored XSS |
|---|
| विवरण | The 'signup.php' script in keerti1924's Online-Book-Store-Website is vulnerable to Stored Cross-Site Scripting (XSS) attacks. Exploiting this flaw, attackers can inject malicious scripts into the application, potentially compromising user data security. By crafting a payload in the 'name' parameter during account registration, attackers can execute arbitrary commands within other users' browsers, leading to various malicious activities such as session hijacking and unauthorized access to sensitive information. To mitigate this vulnerability, developers should implement robust input validation and output encoding mechanisms to sanitize user inputs effectively and prevent XSS attacks. Additionally, enforcing strict Content Security Policies (CSP) can further enhance protection against such security risks. |
|---|
| स्रोत | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/StoredXSS%20Signup/Stored%20XSS%20signup.php%20.md |
|---|
| उपयोगकर्ता | nochizplz (UID 64302) |
|---|
| सबमिशन | 25/02/2024 05:24 PM (2 साल पहले) |
|---|
| संयम | 07/03/2024 03:35 PM (11 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 256040 [keerti1924 Online-Book-Store-Website 1.0 /signup.php नाम क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 20 |
|---|