| 제목 | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 Reflected XSS |
|---|
| 설명 | The Online College Event Hall Reservation System is exposed to a Reflected Cross-Site Scripting (XSS) vulnerability in its /admin/receipt.php page. This flaw allows attackers to inject and execute arbitrary JavaScript code by manipulating the id parameter. The example demonstrates an attack vector where malicious script is embedded within the URL, triggering an alert box. This vulnerability underscores the importance of sanitizing and encoding user inputs to mitigate potential XSS attacks, ensuring the security of users' data and interactions with the application. |
|---|
| 원천 | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20receipt.php.md |
|---|
| 사용자 | nochizplz (UID 64302) |
|---|
| 제출 | 2024. 03. 06. PM 05:08 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 03. 15. PM 05:29 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 256962 [MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 /admin/receipt.php 아이디 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|