| Title | Simple Parking Management System 1.0 Reflected Cross-Site Scripting |
|---|
| Description | Simple Parking Management System is vulnerable to Reflected cross-site scripting.
Cross-Site Scripting (XSS) is an attack whereby client-side scripts are injected into a webpage and are subsequently viewed by another user. An attacker can therefore leverage this issue to attack other users.
XSS can be leveraged to carry out an array of attacks against application users such as accessing sensitive application data, logging user keystrokes, or obtaining user passwords stored in the browser.
This particular vulnerability is reflected XSS, which involves exploiting a URL parameter of a website page to return a response that contains a malicious payload. This payload is then executed in the victim's browser when they navigate to the vulnerable URL.
It was possible for an **authenticated** attacker to conduct cross-site scripting attacks. |
|---|
| Source | ⚠️ https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md |
|---|
| User | cyberthoth (UID 28322) |
|---|
| Submission | 07/10/2022 04:25 (4 years ago) |
|---|
| Moderation | 07/10/2022 08:48 (4 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 203420 [SourceCodester Simple Parking Management System 1.0 searching Search cross site scripting] |
|---|
| Points | 20 |
|---|