| 제목 | Student Attendance Management System has a storage XSS vulnerability |
|---|
| 설명 | input [email protected] / Password@123 Log in to the background. At manage classes, click create class, enter xsspayload:<script>alert ("ace")</script>, and click save。After clicking save, the className is substituted into the input for query. If it does not exist, the className will be reinserted into the database. Because the script is not escaped from html, the XSS vulnerability is caused |
|---|
| 원천 | ⚠️ https://github.com/rickxy/Student-Attendance-Management-System/issues/3 |
|---|
| 사용자 | ace. (UID 34853) |
|---|
| 제출 | 2022. 11. 17. AM 07:55 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 11. 17. PM 04:11 (8 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 213846 [Student Attendance Management System createClass.php className 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|