| Title | rems CRUD (Create, Read, Update, Delete) Without Page Reload 1.0 Reflected XSS |
|---|
| Description | CRUD-without-refresh-reload Reflected XSS POC is susceptible to a significant security vulnerability that arises from insufficient protection on the 'username' & 'city' parameters in the fetch_data.php & add_user.php file. Attackers can inject malicious JavaScript code into website databases, and when victim users extract and load this JavaScript code, they will be attacked. |
|---|
| Source | ⚠️ https://github.com/PrecursorYork/crud-without-refresh-reload-Reflected_XSS-POC/blob/main/README.md |
|---|
| User | PrecursoreYork (UID 62524) |
|---|
| Submission | 02/02/2024 12:01 (2 years ago) |
|---|
| Moderation | 02/02/2024 20:31 (8 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 252782 [SourceCodester CRUD without Page Reload 1.0 fetch_data.php username/city cross site scripting] |
|---|
| Points | 20 |
|---|