Отправить #792395: BichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS)Информация

Название	BichitroGan ISP Billing System 2025.3.20 Stored Cross-Site Scripting (XSS)
Описание	The application allows administrators to create network pools using the Pool Name field. This input is stored in the database without proper validation or sanitization. When the stored value is later displayed in the Pool List interface, it is rendered directly into HTML without escaping, allowing execution of Iinjected JavaScript.
Источник	⚠️ https://github.com/4m3rr0r/PoCVulDb/issues/16
Пользователь	4m3rr0r (UID 85795)
Представление	29.03.2026 15:02 (22 дни назад)
Модерация	19.04.2026 18:32 (21 days later)
Статус	принято
Запись VulDB	358259 [BichitroGan ISP Billing Software 2025.3.20 Pool List Interface /?\_route=pool/add межсайтовый скриптинг]
Баллы	18

Do you want to use VulDB in your project?

Use the official API to access entries easily!