2 matches found
PHP Login System 2.0.1 - Cross-Site Scripting
msaad1999's PHP-Login-System 2.0.1 contains a reflected cross-site scripting caused by unsanitized input in 'validator' parameter in /reset-password, letting remote attackers execute arbitrary JavaScript in a user's browser, exploit requires attacker to craft malicious URL id: CVE-2023-38875 info...
CVE-2023-38875
Affected software : msaad1999's PHP-Login-System 2.0.1. Vulnerability : Reflected cross-site scripting (XSS) caused by unsanitized input in the 'validator' parameter of /reset-password. Impact : remote attackers can execute arbitrary JavaScript in a user’s browser, potentially stealing cookies or...