N/A

Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the book_title parameter.

N/A

N/A

Book Store Management System 跨站脚本漏洞

Book Store Management System是Carlo Montero个人开发者的一个在线书店系统。 Book Store Management System v1.0版本存在安全漏洞，该漏洞源于其/bsms_ci/index.php/book组件的book_title参数允许攻击者通过精心制作的有效载荷实现执行任意web脚本或HTML。

N/A

N/A