XSS-PHPSESSID-Hijacking Vulnerability in Accounting Journal Management 1.0

XSS-PHPSESSID-Hijacking Vulnerability in Accounting Journal Management 1.0

CVE-2022-24582 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Accounting Journal Management 1.0 is vulnerable to XSS-PHPSESSID-Hijacking. The parameter manage_user from User lists is vulnerable to XSS-Stored and PHPSESSID attacks. The malicious user can attack the system by using the already session which he has from inside and outside of the network.

Learn more about our Network Penetration Testing.