Описание
A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC Online Shopping System Advanced 1.0. Unsanitized user input in the f_name parameter is reflected in the server response without proper HTML encoding or output escaping. This allows remote attackers to inject arbitrary JavaScript code.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:puneethreddyhc:online_shopping_system_advanced:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00045
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 5.4
github
5 месяцев назад
A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC Online Shopping System Advanced 1.0. Unsanitized user input in the f_name parameter is reflected in the server response without proper HTML encoding or output escaping. This allows remote attackers to inject arbitrary JavaScript code.
EPSS
Процентиль: 14%
0.00045
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-89