| 제목 | SourceCodester Inventory System using PHP and MySQL Source Code 1.0 Cross Site Scripting |
|---|
| 설명 | he fullname and username input fields fail to sanitize or encode user-supplied input before storing it in the database. When an administrator visits the User Management page (users.php), the unsanitized payloads are rendered directly in the HTML context, causing immediate JavaScript execution in the admin's browser session. |
|---|
| 원천 | ⚠️ https://github.com/Xmyronn/Stored-XSS-in-Inventory-System-using-PHP-and-MySQL.git |
|---|
| 사용자 | imad alvi (UID 97088) |
|---|
| 제출 | 2026. 05. 24. AM 01:53 (18 날 ago) |
|---|
| 모더레이션 | 2026. 06. 07. PM 06:01 (15 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 369138 [SourceCodester Inventory System 1.0 User Management Page /users.php fullname/username 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 19 |
|---|