3 matches found
CVE-2021-3294
CASAP Automated Enrollment System 1.0 is affected by cross-site scripting XSS in users.php. An attacker can steal a cookie to perform user redirection to a malicious website...
CASAP Automated Enrollment System 1.0 Cross Site Scripting
Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS Author: nu11secur1ty Date: 02.15.2021 Vendor: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Athor: https://www.sourcecodester.com/users/yna-ecole Link:...
CVE-2021-3294
CVE-2021-3294 concerns the CASAP Automated Enrollment System 1.0. The vulnerability is a Stored Cross-Site Scripting (XSS) in users.php, arising from insufficient validation of user data in the “First Name” field, enabling an attacker to steal cookies and redirect victims to a malicious site. Pub...