vulnerability cross site scripting
severity 9.8
language javascript
registry other

✍️ Description

Stored xss via client CompanyName

🕵️‍♂️ Proof of Concept

First goto # ✍️ Description Stored xss

🕵️‍♂️ Proof of Concept

First goto and create a new client . During creation put xss payload xss"'><img src=x onerror=alert()> in CompanyName field and save it . Now open client by going and see xss is executed

Video POC-->

💥 Impact

xss attack