CVE-2023-31934

2023-07-2800:00:00

mitre

www.cve.org

rail pass management

xss

vulnerability

remote attacker

sensitive information

admin profile

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.5%

JSON

Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.

References

github.com/DiliLearngent/BugReport/blob/main/php/Rail-Pass-Management-System/bug1-XSS-in-Admin-Name.md