| Название | Simple e-Learning System 1.0 Stored Cross-Site Scripting |
|---|
| Описание | Simple e-Learning System is vulnerable to stored cross-site scripting.
XSS can be leveraged to carry out an array of attacks against application users such as accessing sensitive application data, logging user keystrokes, or obtaining user passwords stored in the browser. Stored XSS vulnerability allows an attacker to input and stores a payload on a website page that will subsequently execute in the browser of any user who visits the vulnerable page.
It was possible for an **authenticated** attacker to conduct cross-site scripting attacks. |
|---|
| Источник | ⚠️ https://github.com/CyberThoth/CVE/blob/83c243538386cd0761025f85eb747eab7cae5c21/CVE/Simple%20e-Learning%20System/Cross%20Site%20Scripting(Stored)/POC.md |
|---|
| Пользователь | cyberthoth (UID 28322) |
|---|
| Представление | 13.07.2022 09:06 (4 лет назад) |
|---|
| Модерация | 13.07.2022 09:08 (3 minutes later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 203779 [SourceCodester Simple e-Learning System 1.0 /vcs/claire_blake Bio межсайтовый скриптинг] |
|---|
| Баллы | 20 |
|---|