• caglararli@hotmail.com
  • 05386281520

CVE-2023-7132 | code-projects Intern Membership Management System 2.0 User Registration /user_registration/ userName/firstName/lastName/userEmail cross site scripting

Çağlar Arlı      -    26 Views

CVE-2023-7132 | code-projects Intern Membership Management System 2.0 User Registration /user_registration/ userName/firstName/lastName/userEmail cross site scripting

A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /user_registration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with the input "><ScRiPt>confirm(document.domain)</ScRiPt>h0la leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-7132. Access to the local network is required for this attack. Furthermore, there is an exploit available.