| शीर्षक | SourceCodester Online Polling System Code 1.0 Incomplete Denylist to Cross-Site Scripting |
|---|
| विवरण | The 'firstname' parameter in the manage-profile.php file of sourcecodester Online Polling System v1.0 is vulnerable to Stored Cross-Site Scripting (XSS). This vulnerability is a result of inadequate input validation and sanitization of user-provided data. An attacker could take advantage of this flaw by injecting malicious scripts into these parameters. Once stored on the server, these scripts may execute when other users access the affected user's profile. |
|---|
| स्रोत | ⚠️ https://github.com/ganzhi-qcy/cve/issues/18 |
|---|
| उपयोगकर्ता | quchunyi1 (UID 86520) |
|---|
| सबमिशन | 30/08/2025 04:36 AM (8 महीनों पहले) |
|---|
| संयम | 07/09/2025 01:48 PM (8 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 323023 [SourceCodester Online Polling System 1.0 /manage-profile.php firstname क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 20 |
|---|