Submit #368472: CodeIgniter Foundation Codeigniter 3.1.13 Cross Site Scriptinginfo

Title	CodeIgniter Foundation Codeigniter 3.1.13 Cross Site Scripting
Description	An XSS (Cross-Site Scripting) vulnerability was identified in the search_title parameter of the web application. This vulnerability allows an attacker to inject arbitrary JavaScript code, which can be executed in the context of the user's browser. Proof of Concept: The following payload was used to demonstrate the vulnerability: `"/<script><script>alert(1)</script>/" http://localhost/ecomerce/admin/products?search_title=%22%2F%3Cscript%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E%2F%22`
Source	⚠️ https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/263
User	evilcode52 (UID 71460)
Submission	07/04/2024 02:37 (2 years ago)
Moderation	07/05/2024 07:43 (1 day later)
Status	Accepted
VulDB entry	270369 [CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03 search_title/catName/sub/name/categorie cross site scripting]
Points	20

Want to know what is going to be exploited?

We predict KEV entries!