| 제목 | Unauthenticated Cross Site Scripting Vulnerability in Sanitization Management System |
|---|
| 설명 | The Sanitization Management System distributed by sourcecodester.com (https://www.sourcecodester.com/php/15770/sanitization-management-system-project-php-and-mysql-free-source-code.html) is vulnerable to unauthenticated Cross Site Scripting (php-sms/?p=request_quote). An attacker can craft a malicious Quote Request where both the Address and the Remarks Input Fields can be abused. Since the cookie does not have the HttpOnly flag it can be stolen whenever a logged-in user opens the Request in the Management Dashboard. |
|---|
| 사용자 | maikroservice (UID 35150) |
|---|
| 제출 | 2022. 11. 05. AM 11:37 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 11. 11. AM 08:18 (6 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 213449 [SourceCodester Sanitization Management System 1.0 Quote Requests Form php-sms/?p=request_quote 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 17 |
|---|