boku7/StockManagement-XSS-Login-CredHarvester

Releases: 0
Stars: 21
Reflected Cross-Site Scripting (XSS) vulnerability in the 'index.php' login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and the session cookie when an unauthenticated victim clicks a malicious URL and enters credentials.

CVE History

| CVE | Published | CVSS v3 | CVSS v2 |
| --- | --- | --- | --- |
|  |  | 6.4 MEDIUM | 4.3 MEDIUM |

A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials.