Stored Cross-Site Scripting (XSS) Vulnerability in SourceCodester Budget Management System 1.0 via 'Budget Title' Field

Stored Cross-Site Scripting (XSS) Vulnerability in SourceCodester Budget Management System 1.0 via 'Budget Title' Field

CVE-2021-29388 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A stored cross-site scripting (XSS) vulnerability in SourceCodester Budget Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php via vulnerable field 'Budget Title'.

Learn more about our User Device Pen Test.