CVE-2023-7132 | code-projects Intern Membership Management System 2.0 User Registration /user_registration/ userName/firstName/lastName/userEmail cross site scripting

A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /user_registration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with the input "><ScRiPt>confirm(document.domain)</ScRiPt>h0la leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2023-7132. Access to the local network is required for this attack. Furthermore, there is an exploit available.

CVE-2023-7132 | code-projects Intern Membership Management System 2.0 User Registration /user_registration/ userName/firstName/lastName/userEmail cross site scripting

Post correlati

CVE-2023-50228 | Parallels Desktop signature verification (ZDI-23-1803)

CVE-2024-6748 | Zoho ManageEngine OpManager up to 128317 URL Monitoring sql injection

CVE-2024-40831 | Apple macOS up to 14.7 Photo Library permission

CVE-2024-46958 | Nextcloud Desktop Client 3.13.1/3.13.2/3.13.3 on Linux permission (Issue 6863)