Title | sourcecodester Computer Laboratory Management System 1.0 Execution After Redirect (EAR) and Stord XsS |
---|
Description | The Computer Laboratory Management System suffers from two critical vulnerabilities: Execution After Redirect (EAR) - Authorization Bypass and Stored Cross-Site Scripting (XSS). The EAR flaw allows unauthorized users to circumvent authentication controls, potentially leading to unauthorized access and data compromise. Additionally, the XSS vulnerability enables attackers to inject and execute malicious scripts, posing risks of session hijacking, data theft, and malware propagation. Remediation involves proper script termination, input validation, and output encoding to mitigate these vulnerabilities. Regular security audits and updates are essential to maintaining system integrity and safeguarding against exploitation. |
---|
Source | ⚠️ https://github.com/Sospiro014/zday1/blob/main/ear_stord_xss.md |
---|
User | SoSPiro (ID 67134) |
---|
Submission | 05.04.2024 12:55 (1 month ago) |
---|
Moderation | 05.04.2024 15:33 (3 hours later) |
---|
Status | принято |
---|
VulDB Entry | 259498 |
---|