제출 #792395: BichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS)정보

제목BichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS)
설명The application allows administrators to create network pools using the Pool Name field. This input is stored in the database without proper validation or sanitization. When the stored value is later displayed in the Pool List interface, it is rendered directly into HTML without escaping, allowing execution of Iinjected JavaScript.
원천⚠️ https://github.com/4m3rr0r/PoCVulDb/issues/16
사용자
 4m3rr0r (UID 85795)
제출2026. 03. 29. PM 03:02 (23 날 ago)
모더레이션2026. 04. 19. PM 06:32 (21 days later)
상태수락
VulDB 항목358259 [BichitroGan ISP Billing Software 2025.3.20 Pool List Interface /?\_route=pool/add 크로스 사이트 스크립팅]
포인트들18

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!