| Titolo | Simple e-Learning System 1.0 Stored Cross-Site Scripting |
|---|
| Descrizione | Simple e-Learning System is vulnerable to stored cross-site scripting.
XSS can be leveraged to carry out an array of attacks against application users such as accessing sensitive application data, logging user keystrokes, or obtaining user passwords stored in the browser. Stored XSS vulnerability allows an attacker to input and stores a payload on a website page that will subsequently execute in the browser of any user who visits the vulnerable page.
It was possible for an **authenticated** attacker to conduct cross-site scripting attacks. |
|---|
| Fonte | ⚠️ https://github.com/CyberThoth/CVE/blob/83c243538386cd0761025f85eb747eab7cae5c21/CVE/Simple%20e-Learning%20System/Cross%20Site%20Scripting(Stored)/POC.md |
|---|
| Utente | cyberthoth (UID 28322) |
|---|
| Sottomissione | 13/07/2022 09:06 (4 anni fa) |
|---|
| Moderazione | 13/07/2022 09:08 (3 minutes later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 203779 [SourceCodester Simple e-Learning System 1.0 /vcs/claire_blake Bio cross site scripting] |
|---|
| Punti | 20 |
|---|