| Title | Sourcecodester Mobile Management Store 1.0 Stored XSS |
|---|
| Description | The update profile functionality is vulnerable to stored XSS in the 'firstname' parameter. Attackers are able to submit a malicious JavaScript code and hijack other session to takeover an account. |
|---|
| Source | ⚠️ https://github.com/vanitashtml/CVE-Dumps/blob/main/Stored%20XSS%20Mobile%20Management%20Store.md |
|---|
| User | rjavenido22 (UID 64261) |
|---|
| Submission | 03/01/2024 13:15 (2 years ago) |
|---|
| Moderation | 03/02/2024 23:15 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 255498 [SourceCodester Online Mobile Management Store 1.0 update-tracker.php firstname cross site scripting] |
|---|
| Points | 16 |
|---|