Headline
CVE-2022-2685: CVE_demo/Interview Management System-XSS.md at main · anx0ing/CVE_demo
A vulnerability was found in SourceCodester Interview Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /addQuestion.php. The manipulation of the argument question with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205673 was assigned to this vulnerability.
Permalink
main
Switch branches/tags
Go to file
Go to file
Copy path
Copy permalink
Cannot retrieve contributors at this time
Interview Management System-XSS Date: 2022-08/05 Exploit Author: [email protected] Vendor Homepage: Software Link: Version: 1.0 /addQuestion.php
38 lines (15 sloc) 567 Bytes
Raw Blame
Open in GitHub Desktop
- Open with Desktop
- View raw
- Copy raw contents
- View blame
Interview Management System-XSS****Date: 2022-08/05****Exploit Author: [email protected]****Vendor Homepage:
https://www.sourcecodester.com
Software Link:
https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html
Version: 1.0****/addQuestion.php
questionParameters have Cross Site Scripting(XSS)
payload
<script>alert(1)</script>