| tiêu đề | sourcecodester Computer Laboratory Management System 1.0 Execution After Redirect (EAR) and Stord XsS |
|---|
| Mô tả | The Computer Laboratory Management System suffers from two critical vulnerabilities: Execution After Redirect (EAR) - Authorization Bypass and Stored Cross-Site Scripting (XSS). The EAR flaw allows unauthorized users to circumvent authentication controls, potentially leading to unauthorized access and data compromise. Additionally, the XSS vulnerability enables attackers to inject and execute malicious scripts, posing risks of session hijacking, data theft, and malware propagation. Remediation involves proper script termination, input validation, and output encoding to mitigate these vulnerabilities. Regular security audits and updates are essential to maintaining system integrity and safeguarding against exploitation. |
|---|
| Nguồn | ⚠️ https://github.com/Sospiro014/zday1/blob/main/ear_stord_xss.md |
|---|
| Người dùng | SoSPiro (UID 67134) |
|---|
| Đệ trình | 05/04/2024 12:55 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 05/04/2024 15:33 (3 hours later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 259498 [SourceCodester Computer Laboratory Management System 1.0 SystemSettings.php?f=update_settings Tên Tập lệnh chéo trang] |
|---|
| điểm | 20 |
|---|