| タイトル | Simple Parking Management System 1.0 Reflected Cross-Site Scripting |
|---|
| 説明 | Simple Parking Management System is vulnerable to Reflected cross-site scripting.
Cross-Site Scripting (XSS) is an attack whereby client-side scripts are injected into a webpage and are subsequently viewed by another user. An attacker can therefore leverage this issue to attack other users.
XSS can be leveraged to carry out an array of attacks against application users such as accessing sensitive application data, logging user keystrokes, or obtaining user passwords stored in the browser.
This particular vulnerability is reflected XSS, which involves exploiting a URL parameter of a website page to return a response that contains a malicious payload. This payload is then executed in the victim's browser when they navigate to the vulnerable URL.
It was possible for an **authenticated** attacker to conduct cross-site scripting attacks. |
|---|
| ソース | ⚠️ https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md |
|---|
| ユーザー | cyberthoth (UID 28322) |
|---|
| 送信 | 2022年07月10日 04:25 (4 年 ago) |
|---|
| モデレーション | 2022年07月10日 08:48 (4 hours later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 203420 [SourceCodester Simple Parking Management System 1.0 searching 検索 クロスサイトスクリプティング] |
|---|
| ポイント | 20 |
|---|