Description
Hi there i found that url parameter is not verified by server so an attacker can use javascript schema to run xss on user’s browser
Proof of Concept
- Visit this page http://localhost/invoices/EditPageOption?code=ListProducto-new&url=javascript:prompt(2)
- Click on back button
PoC:-
https://youtu.be/l1uHfNa2p58