| Title | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 Reflected XSS |
|---|
| Description | The Online College Event Hall Reservation System is affected by a Reflected Cross-Site Scripting (XSS) vulnerability in its /admin/rooms.php script. Attackers can exploit this by injecting arbitrary JavaScript via the id parameter, as demonstrated with an alert box. This highlights the need for input sanitization and encoding to protect against XSS threats. |
|---|
| Source | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20rooms.php.md |
|---|
| User | nochizplz (UID 64302) |
|---|
| Submission | 03/06/2024 17:12 (2 years ago) |
|---|
| Moderation | 03/15/2024 17:29 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 256963 [MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 /admin/rooms.php ID cross site scripting] |
|---|
| Points | 18 |
|---|