जमा करें #599888: code-projects School Fees Payment System 1.0 Cross Site Scriptingजानकारी

शीर्षकcode-projects School Fees Payment System 1.0 Cross Site Scripting
विवरणDuring the security review of "School Fees Payment System", I discovered a Stored Cross-Site Scripting vulnerability in the "/fees.php" file. This vulnerability stems from insufficient user input validation of the 'transcation_remark' parameter, allowing attackers to inject malicious front-end code. Therefore, attackers can forge input values, thereby manipulating front-end code and performing the set behaviors in the user's browser, such as stealing the user's cookies. Immediate remedial measures are needed to ensure system security and protect data integrity.
स्रोत⚠️ https://github.com/tuooo/CVE/issues/17
उपयोगकर्ता
 DS_Leo (UID 86084)
सबमिशन18/06/2025 07:25 PM (1 वर्ष पहले)
संयम21/06/2025 07:27 AM (3 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि313581 [code-projects School Fees Payment System 1.0 /fees.php transcation_remark क्रॉस साइट स्क्रिप्टिंग]
अंक20

Do you know our Splunk app?

Download it now for free!