2 matches found
CVE-2022-30837
Toll-tax-management-system v1.0 is vulnerable to Cross Site Scripting XSS via /ttms/classes/Master.php?f=saverecipient, vehiclename...
CVE-2022-30837
CVE-2022-30837 affects Toll-tax-management-system v1.0. The vulnerability is a Cross Site Scripting (XSS) flaw in the API endpoint /ttms/classes/Master.php with the f parameter set to save_recipient and the vehicle_name field. Root cause is input handling in that endpoint allowing injection of sc...