Submit #787671: SourceCodester Sales and Inventory System 1.0 Cross Site Scriptinginfo

TitleSourceCodester Sales and Inventory System 1.0 Cross Site Scripting
DescriptionA reflected cross-site scripting (XSS) vulnerability exists in Sales and Inventory System 1.0. The vulnerability is located in the index.php login page. The application fails to sanitize the GET parameter 'msg' before reflecting it in the response, allowing a remote attacker to execute arbitrary JavaScript in the victim's browser without authentication.
Source⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/XSS-Index-msg.md
User
 563742137abc (UID 95813)
Submission03/25/2026 02:57 (4 months ago)
Moderation04/08/2026 17:12 (15 days later)
StatusDuplicate
VulDB entry354203 [SourceCodester Sales and Inventory System 1.0 Parameter index.php msg cross site scripting]
Points0

Do you know our Splunk app?

Download it now for free!