Stored XSS Vulnerability in Art Gallery Management System Project v1.0 via Crafted Payload in Fullname Parameter

Stored XSS Vulnerability in Art Gallery Management System Project v1.0 via Crafted Payload in Fullname Parameter

CVE-2023-23157 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname parameter on the enquiry page.

Learn more about our Web App Pen Testing.