Suggested description
Sourcecodester.com FAQ Management System v1.0 is vulnerable to Cross-Site
Scripting (XSS) via FAQ manage.
------------------------------------------
Additional Information
Video POC YT: https://youtu.be/CQ2tYObAoJs
------------------------------------------
Vulnerability Type
Cross Site Scripting (XSS)
------------------------------------------
Vendor of Product
www.sourcecodester.com
------------------------------------------
Affected Product Code Base
https://www.sourcecodester.com/php/17175/faq-management-system-using-php-and-mysql-source-code.html - v1.0
------------------------------------------
Affected Component
FAQ manage
------------------------------------------
Attack Type
Remote
------------------------------------------
Attack Vectors
An existing FAQ can be edited and updated to contain JavaScript.
------------------------------------------
Reference
https://in.linkedin.com/in/sajal-jat
------------------------------------------
Discoverer
sajal jat