CVE-2023-46451 PoC — Best Courier Management System Cross-Site Scripting Vulnerability

Source
Associated Vulnerability
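Title: Best Courier Management System Cross-Site Scripting Vulnerability (CVE-2023-46451)
Description: Best Courier Management System is a courier management system by the individual developer Mayuri K. Best Courier Management System v1.0 contains a security vulnerability caused by a cross-site scripting (XSS) flaw in the change username field.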
Readme
# CVE-2023-46451
Suggested description
 Sourcecodester Best courier management system v1.0 is vulnerable to
 Cross Site Scripting (XSS) in the change username field.

 ------------------------------------------

Additional Information
 Here I update the video PoC on YouTube: https://youtu.be/f8B3_m5YfqI

 ------------------------------------------

 Vulnerability Type
 Cross Site Scripting (XSS)
------------------------------------------

Affected Product Code Base
Open Source

------------------------------------------

Affected Component
change username field

------------------------------------------

Attack Type
 Remote

------------------------------------------

Attack Vectors
 Upload the XSS payload in the username field

 ------------------------------------------

Reference
 https://youtu.be/f8B3_m5YfqI

------------------------------------------

Discoverer
sajal jat
File Snapshot

[4.0K] /data/pocs/9b62591ca827975cadd29e80ceb8a24a84429f1b
└── [ 893] README.md

0 directories, 1 file