| 제목 | code-projects Blood Bank Management System 1.0 Cross Site Scripting |
|---|
| 설명 | A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the blood request functionality of the BloodBank Management System. This flaw occurs because the msg parameter is not properly sanitized before being rendered on the web page. This allows an attacker to inject malicious JavaScript code, which will be executed when the page is accessed.
Successful exploitation can lead to session hijacking, redirection to phishing sites, or unauthorized actions on behalf of the victim. Additionally, this could be exploited for social engineering attacks or to spread malware.
|
|---|
| 원천 | ⚠️ https://gist.github.com/higordiego/62ad5208270c67834d02818d6ba44126 |
|---|
| 사용자 | c4ttr4ck (UID 75518) |
|---|
| 제출 | 2024. 10. 25. PM 11:25 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 10. 26. PM 03:44 (16 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 281960 [code-projects Blood Bank Management System 1.0 /bloodrequest.php msg 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|