Vulnerability CVE-2023-46020


Published: 2023-11-13   Modified: 2023-11-14

Description:
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Blood Bank v1.0 Stored Cross Site Scripting (XSS)
Ersin Erenler
14.04.2024

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability

Copyright 2024, cxsecurity.com

 

Back to Top