| Title | Bdtask Isshue — Multi Store eCommerce Shopping Cart Solution With POS 4.0 Reflected Cross-Site Scripting (XSS) |
|---|
| Description | A reflected Cross-Site Scripting (CWE-79) vulnerability in Bdtask Isshue v4.0 lets an attacker inject JavaScript via the search field on /dashboard/Ccustomer/manage_customer. The application reflects input into the page without proper output encoding, enabling session theft, credential phishing, and client-side attacks. |
|---|
| Source | ⚠️ https://github.com/4m3rr0r/PoCVulDb/blob/main/README18.md |
|---|
| User | 4m3rr0r (UID 85795) |
|---|
| Submission | 10/29/2025 16:52 (8 months ago) |
|---|
| Moderation | 11/14/2025 14:01 (16 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 332474 [Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution manage_customer cross site scripting] |
|---|
| Points | 19 |
|---|