提交 #252398: Gaatitrack Gaatitrack courier management system 10/27 Cross site Scripting
| 标题 | Gaatitrack Gaatitrack courier management system 10/27 Cross site Scripting |
|---|---|
| 描述 | The system has a reflective XSS vulnerability ('Cross site Scripting') [CWE-79], which allows attackers to obtain administrator cookies and other information by inserting malicious JavaScript statements, allowing attackers to fake administrator login through cookies. |
| 来源 | ⚠️ https:/ |
| 用户 | G1un (UID 59945) |
| 提交 | 2023-12-14 10時48分 (3 年前) |
| 管理 | 2023-12-16 20時32分 (2 days later) |
| 状态 | 重复 |
| VulDB条目 | 240886 [SourceCodester Best Courier Management System 1.0 manage_parcel_status.php 标识符 跨网站脚本] |
| 积分 | 0 |