2 matches found
CVE-2022-24582
Accounting Journal Management 1.0 is vulnerable to XSS-PHPSESSID-Hijacking. The parameter manageuser from User lists is vulnerable to XSS-Stored and PHPSESSID attacks. The malicious user can attack the system by using the already session which he has from inside and outside of the network...
CVE-2022-24582
CVE-2022-24582 affects Accounting Journal Management 1.0 (PHP-based). The issue is a cross-site scripting vulnerability in the user list parameter manage_user , enabling both stored XSS and PHPSESSID hijacking. An attacker could exploit an existing session to perform actions inside or outside the...