Stored Cross-Site Scripting Vulnerability in Palm QC App
Palm Qingcheng app is a smartphone-based city travel information query software. A stored cross-site scripting vulnerability exists in the "Feedback" section of the app. An attacker can insert malicious js code into the page to obtain user cookies and other information, resulting in user hijackin...