提出 #48573: Cashier Queuing System v1.0 - Stored XSS情報

タイトルCashier Queuing System v1.0 - Stored XSS
説明Description: A Stored XSS in Cashier Queuing System v1.0 leads to Arbitrary JavaScript code injection in User Creation. Vulnerable Parameters: Name Username Payload: <script>prompt(1)</script> Steps: 1) Login into admin account 2) Now go to User list and in that click on "Add New" 3) Now create a user but in name and username put your payload Payload: <script>prompt(1)</script> 4) Save the users and refresh the page and our payload has been executed
ユーザー
 Hackpk (UID 33860)
送信2022年10月17日 17:07 (4 年 ago)
モデレーション2022年10月18日 11:30 (18 hours later)
ステータス承諾済み
VulDBエントリ211187 [SourceCodester Cashier Queuing System 1.0.1 User Creation クロスサイトスクリプティング]
ポイント17

概要

Might our Artificial Intelligence support you?

Check our Alexa App!