Stored Cross-Site Scripting (XSS) Vulnerability in Expense Management System Application Version 1.0
CVE-2021-41434 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.
Learn more about our Web Application Penetration Testing UK.