CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44484 – Online Blood Donation Management System v1.0 - Stored Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-44484
Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response. Online Blood Donation Management System v1.0 es afectado por múltiples vulnerabilidades de Cross-Site Scripting Almacenado. El parámetro 'firstName' del recurso users/register.php se copia en el documento users/member.php como texto plano entre etiquetas. • https://fluidattacks.com/advisories/carpenter https://projectworlds.in • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •