Submit #94925: Online Pet Shop We App v1.0 /pet_shop/admin/orders/update_status.php parameter oid exists XSS vulnerabilityinfo

TitleOnline Pet Shop We App v1.0 /pet_shop/admin/orders/update_status.php parameter oid exists XSS vulnerability
DescriptionAn issue was discovered in Online Pet Shop We App v1.0. There is a XSS vulnerability that it is possible to inject arbitrary JavaScript into the application's response via /pet_shop/admin/orders/update_status.php?oid. Payload1:oid=1"><script>alert(1111)</script> Payload2:oid=1"><script>alert(document.cookie)</script>
Source⚠️ https://github.com/hujianjie123/bug_report/blob/main/vendors/oretnom23/Online%20Pet%20Shop%20We%20App/XSS-1.md
User
 hujianjie (UID 41826)
Submission02/26/2023 11:14 (3 years ago)
Moderation02/26/2023 13:00 (2 hours later)
StatusAccepted
VulDB entry221800 [SourceCodester Online Pet Shop We App 1.0 update_status.php oid cross site scripting]
Points19

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!