| 제목 | BichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS) |
|---|
| 설명 | The application allows users to update their profile information, including the fullname field. This input is stored in the database and
later rendered in various parts of the application without proper output encoding. An attacker can inject malicious JavaScript into the fullname field, which will execute in the browser of any user viewing the affected page, including administrators. |
|---|
| 원천 | ⚠️ https://github.com/4m3rr0r/PoCVulDb/issues/17 |
|---|
| 사용자 | 4m3rr0r (UID 85795) |
|---|
| 제출 | 2026. 03. 29. PM 03:01 (24 날 ago) |
|---|
| 모더레이션 | 2026. 04. 19. PM 06:32 (21 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 358258 [BichitroGan ISP Billing Software 2025.3.20 Profile Page users-view 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 19 |
|---|