CVE-2020-23831

Published
View on NVD ↗
CVSS v3
6.4
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT

Description

A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials.

boku7/StockManagement-XSS-Login-CredHarvester
boku7/StockManagement-XSS-Login-CredHarvester
Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Stock Management System v1.0 allows remote attackers to harvest login credentials & session cookie via unauthenticated victim clicking malicious URL and entering credentials.
GitHubGitHub
21