PT-2023-23533 · Unknown · Rail Pass Management System
Dililearngent
·
Published
2023-07-28
·
Updated
2023-12-20
·
CVE-2023-31935
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Rail Pass Management System version 1.0
Description
A Cross Site Scripting issue allows a remote attacker to obtain sensitive information via the
emial parameter of "admin-profile.php".Recommendations
For Rail Pass Management System version 1.0, avoid using the
emial parameter in the "admin-profile.php" endpoint until the issue is resolved.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rail Pass Management System