Cross site scripting

2023-10-3122:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

online blood donation

stored xss

user registration

data echo

0.0005 Low

EPSS

Percentile

17.1%

JSON

Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The ‘firstName’ parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response.

CPENameOperatorVersion
online_blood_donation_management_systemeq1.0

CPE	Name	Operator	Version
	online_blood_donation_management_system	eq	1.0

References

fluidattacks.com/advisories/carpenter/

projectworlds.in/

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for PRION:CVE-2023-44484