A vulnerability classified as problematic was found in SourceCodester Accounts Manager App 1.0. This vulnerability affects unknown code of the file update-account.php of the component Update Account Page. The manipulation of the argument Account Name/Username/Password/Link leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Link | Tags |
---|---|
https://vuldb.com/?id.275140 | third party advisory vdb entry technical description |
https://vuldb.com/?ctiid.275140 | signature third party advisory vdb entry permissions required |
https://vuldb.com/?submit.393921 | third party advisory vdb entry exploit |
https://github.com/jadu101/CVE/blob/main/SourceCodester_Accounts_Manager_App_update_account_xss.md | patch exploit technical description |