Stored Cross-Site Scripting (XSS) Vulnerability in Expense Management System Application Version 1.0

Stored Cross-Site Scripting (XSS) Vulnerability in Expense Management System Application Version 1.0

CVE-2021-41434 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.

Learn more about our Web Application Penetration Testing UK.