| 제목 | code-projects Pharmacy Management System 1.0 Basic Cross Site Scripting |
|---|
| 설명 | A **stored XSS vulnerability** has been identified in the **Pharmacy Management System** version 1.0, specifically in the **supplier management update functionality**. This vulnerability occurs because the input in the `address` parameter is not properly sanitized before being saved to the database. This flaw allows attackers to inject malicious JavaScript code that will persist in the system and execute whenever the affected supplier record is accessed. |
|---|
| 원천 | ⚠️ https://gist.github.com/higordiego/bc051be4a8c6b6641578cad533742aab |
|---|
| 사용자 | c4ttr4ck (UID 75518) |
|---|
| 제출 | 2024. 10. 19. PM 06:06 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 10. 20. PM 08:49 (1 day later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 281022 [code-projects Pharmacy Management System 1.0 Manage Supplier Page /manage_supplier.php address 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|