| 标题 | code-projects Church Donation System 1.0 Cross Site Scripting |
|---|
| 描述 | A stored XSS vulnerability was discovered in the edit_members.php endpoint of the web application. When submitting a POST request to this page with a specially crafted payload in the fname parameter, malicious JavaScript code is permanently stored and later executed whenever the member’s details are viewed. |
|---|
| 来源 | ⚠️ https://github.com/enigma522/cve/issues/2 |
|---|
| 用户 | Enigma522 (UID 88000) |
|---|
| 提交 | 2025-07-22 14時56分 (9 月前) |
|---|
| 管理 | 2025-07-25 09時25分 (3 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 317581 [code-projects Church Donation System 1.0 /admin/edit_members.php fname 跨网站脚本] |
|---|
| 积分 | 18 |
|---|