The PHPGurukul Online Shopping Portal Project version 2.0...
Moderate severity
Unreviewed
Published
Jul 18, 2024
to the GitHub Advisory Database
•
Updated Aug 1, 2024
Description
Published by the National Vulnerability Database
Jul 18, 2024
Published to the GitHub Advisory Database
Jul 18, 2024
Last updated
Aug 1, 2024
The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover.
References