2 matches found
CVE-2020-28129
Stored Cross-site scripting XSS vulnerability in SourceCodester Gym Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php?page=packages via vulnerable fields 'Package Name' and 'Description'...
CVE-2020-28129
CVE-2020-28129 affects SourceCodester Gym Management System 1.0. The vulnerability is a stored XSS in index.php?page=packages, exploitable via the vulnerable fields ‘Package Name’ and ‘Description’ to inject arbitrary JavaScript. Connected PT-2020-16929 documents the same issue and recommends res...