Submit #769578: SourceCodester Resort Reservation System 1 Cross Site Scripting

Title: SourceCodester Resort Reservation System 1 Cross Site Scripting
Description: A stored cross-site scripting (XSS) vulnerability exists in the Reservation Management module of the SourceCodester Resort Reservation System (PHP + SQLite). The application fails to properly sanitize and encode user-supplied input in reservation fields such as Fullname and Remarks. Malicious JavaScript injected into these fields is stored in the database and executed when rendered in administrative pages, potentially leading to session hijacking and privilege escalation.
Source: https://medium.com/@rvpipalwa/stored-cross-site-scripting-xss-in-reservation-management-sourcecodester-resort-reservation-894ee77d7312
User: rvpipalwa (UID 93501)
Submission: 28/02/2026 11:14 (2 months ago)
Moderation: 08/03/2026 18:43 (8 days later)
Status: Accepted
VulDB entry: 349785 [SourceCodester Resort Reservation System 1.0 Reservation Management ?page=manage_reservation ID Cross Site Scripting]
Points: 20
