Title:Inventory Management System 跨站脚本漏洞 (CVE-2023-39709) Description:Inventory Management System是stemword个人开发者的一个库存管理系统。 Free and Open Source Inventory Management System v1.0版本存在安全漏洞,该漏洞源于允许攻击者通过将精心设计的有效负载注入Add Member section下的 Name, Address, Company参数来执行任意 Web 脚本或 HTML。
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.