Submit #311155: sourcecodester Computer Laboratory Management System 1.0 Execution After Redirect (EAR) and Stord XsSИнформация

Title	sourcecodester Computer Laboratory Management System 1.0 Execution After Redirect (EAR) and Stord XsS
Description	The Computer Laboratory Management System suffers from two critical vulnerabilities: Execution After Redirect (EAR) - Authorization Bypass and Stored Cross-Site Scripting (XSS). The EAR flaw allows unauthorized users to circumvent authentication controls, potentially leading to unauthorized access and data compromise. Additionally, the XSS vulnerability enables attackers to inject and execute malicious scripts, posing risks of session hijacking, data theft, and malware propagation. Remediation involves proper script termination, input validation, and output encoding to mitigate these vulnerabilities. Regular security audits and updates are essential to maintaining system integrity and safeguarding against exploitation.
Source	⚠️ https://github.com/Sospiro014/zday1/blob/main/ear_stord_xss.md
User	SoSPiro (ID 67134)
Submission	05.04.2024 12:55 (1 month ago)
Moderation	05.04.2024 15:33 (3 hours later)
Status	принято
VulDB Entry	259498

Interested in the pricing of exploits?

See the underground prices here!