Cross site scripting

2022-05-2617:15:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.4%

JSON

In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs.

CPENameOperatorVersion
automotive_shop_management_systemeq1.0

CPE	Name	Operator	Version
	automotive_shop_management_system	eq	1.0

References

github.com/nsparker1337/OpenSource/blob/main/exploit_xss_asms.md