| 제목 | BichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS) |
|---|
| 설명 | The application allows users or administrators to input data into the Full Name and Home Address fields without proper sanitization or output encoding.
These values are stored in the database and later rendered in multiple parts of the application, including customer list and edit pages.
Because the application fails to escape user input before rendering it in HTML, attackers can inject malicious JavaScript payloads that execute in the browser of any user viewing the affected page. |
|---|
| 원천 | ⚠️ https://github.com/4m3rr0r/PoCVulDb/issues/18 |
|---|
| 사용자 | 4m3rr0r (UID 85795) |
|---|
| 제출 | 2026. 03. 29. PM 03:00 (22 날 ago) |
|---|
| 모더레이션 | 2026. 04. 19. PM 06:32 (21 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 358257 [BichitroGan ISP Billing Software 2025.3.20 Customer edit 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|