Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response.
Metrics
Affected Vendors & Products
References
History
Fri, 06 Sep 2024 04:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response. | Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response. |
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-10-31T21:09:22.667Z
Updated: 2024-09-06T04:28:15.594Z
Reserved: 2023-09-29T16:43:03.204Z
Link: CVE-2023-44484
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-10-31T22:15:08.720
Modified: 2024-01-02T16:15:11.687
Link: CVE-2023-44484
Redhat
No data.