| शीर्षक | code-projects Pharmacy Management System 1.0 Code Injection |
|---|
| विवरण | An HTML Reflect vulnerability was identified in the Pharmacy Management System version 1.0, specifically in the supplier management update functionality. This issue arises from improper sanitization of the address parameter during supplier record updates. The flaw allows malicious input to be reflected directly in the HTML response, making it possible for attackers to inject HTML or JavaScript into the page.
While the severity of this vulnerability is considered low, it can still enable phishing attacks or user interface manipulation. This can lead to misleading content being displayed to users, creating potential for reputational damage or social engineering attacks. Immediate mitigation is recommended, even though the risk level is not critical, to prevent exploitation.
|
|---|
| स्रोत | ⚠️ https://gist.github.com/higordiego/622e62860faeb7a9c84a41319b111a74 |
|---|
| उपयोगकर्ता | c4ttr4ck (UID 75518) |
|---|
| सबमिशन | 19/10/2024 07:20 PM (2 साल पहले) |
|---|
| संयम | 20/10/2024 08:49 PM (1 day later) |
|---|
| स्थिति | प्रतिलिपि |
|---|
| VulDB प्रविष्टि | 281022 [code-projects Pharmacy Management System 1.0 Manage Supplier Page /manage_supplier.php address क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 0 |
|---|