N/A

A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/application_form&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter.

N/A

N/A

School Club Application System 跨站脚本漏洞

School Club Application System是Carlo Montero个人开发者的一个学校俱乐部应用系统。 School Club Application System 0.1版本存在安全漏洞，该漏洞源于/scas/?page=clubs/application_form&id=7 中存储跨站点脚本 (XSS) 漏洞。攻击者利用该漏洞通过注入 firstname 参数的特制有效载荷执行任意 Web 脚本或 HTML。

N/A

N/A