| 제목 | sourcecodester Best house rental management system project in php v1.0 Stored Cross-Site Scripting (XSS) |
|---|
| 설명 | The application is vulnerable to stored XSS on the endpoints /index.php?page=tenants and /rental/index.php?page=invoices. When malicious values are added to the firstname and lastname parameters, the input is reflected on the tenants' page without proper sanitization. This allows an attacker to inject arbitrary JavaScript, which will execute whenever the page is accessed. |
|---|
| 원천 | ⚠️ https://github.com/YasserREED/YasserREED-CVEs/blob/main/Best%20house%20rental%20management%20system%20project%20in%20php/Stored%20Cross-Site%20Scripting%20(XSS).md |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2024. 11. 21. PM 10:54 (1 년도 ago) |
|---|
| 모더레이션 | 2024. 11. 26. PM 02:24 (5 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 286139 [SourceCodester Best House Rental Management System 1.0 ajax.php?action=save_tenant lastname/firstname/middlename 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 18 |
|---|