| Title | boyiddha Automated-Mess-Management-System 1.0 Stored XSS |
|---|
| Description | The /member/chat.php endpoint in boyiddha's Automated-Mess-Management-System is susceptible to Stored Cross-Site Scripting (XSS) attacks, enabling adversaries to inject malicious scripts into the application. By sending a crafted payload via the "msg" parameter, attackers can execute arbitrary JavaScript code within the context of other users' browsers, potentially leading to unauthorized actions or data theft. This vulnerability poses a significant risk to the confidentiality and integrity of user data and the overall security of the system. |
|---|
| Source | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/STORED%20XSS%20member-chat.php%20.md |
|---|
| User | nochizplz (UID 64302) |
|---|
| Submission | 02/26/2024 17:20 (2 years ago) |
|---|
| Moderation | 03/07/2024 17:04 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 256051 [boyiddha Automated-Mess-Management-System 1.0 Chat Book /member/chat.php msg cross site scripting] |
|---|
| Points | 20 |
|---|