Credentials for Banker/Admin panel:
Username: admin
Password: Test@123
Credentials for Sub-banker/Sub-admin panel:
Username: test12
Password: Test@123
Or register a new Sub-Banker/admin.
STEPS_TO_REPRODUCE
1. NAVIGATE TO THIS URL `http://localhost/BLMS/banker/index.php` AND LOGIN AS A NORMAL USER BY GIVING YOUR USER CREDENTIALS
2. NAVIGATE TO `ASSIGN LOCKER` TAB FROM THE LEFT PANEL AND SELECT `ADD`
3. IT WILL REDIRECT YOU TO THIS URL: `http://localhost/BLMS/banker/add-locker-form.php`
4. Fill up the form by adding default value and in the place of lockernumber and keynumber put any random number and in the `name` parameter put the below payload
5. PAYLOAD : XSS-USER"><iMg SrC="x" oNeRRor="alert(document.domain);">
6. AFTER FILLING UP THE FORM AND CLICKING ON THE SUBMIT BUTTON, LOG OUT FROM THE USER ACCOUNT AND LOG IN WITH THE ADMIN ACCOUNT BY GIVING THE CREDENTIALS
7. NAVIGATE TO `ASSIGN LOCKER` TAB FROM THE `LEFT PANEL` AND SELECT `MANAGE`. YOU WILL BE REDIRECTED TO THIS URL: `http://localhost/BLMS/banker/manage-locker-form.php`
8. THEN SEARCH FOR THE `USER LOCKER NUMBER` (MY `LOCKER-NUMBER` IS `889900`), THEN IN THE `ACTION TAB` CLICK ON `EDIT SECTION`. YOU WILL SEE THAT YOUR XSS PAYLOAD GETS EXECUTED
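
The fix for the behaviour in steps 4 to 8 is to validate `name` on submit and HTML-encode it wherever it is rendered. The following is an added example, not code from BLMS: the function names are hypothetical, and it assumes the edit page echoes the stored `name` into the `value` attribute of an input.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: encode a value for HTML text or a quoted attribute.
// ENT_QUOTES also encodes ' and ", so the value cannot close the attribute.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hypothetical server-side check run when the add-locker form is submitted.
// Accepts letters, combining marks, space, dot, apostrophe and hyphen only.
function isValidHolderName(string $name): bool
{
    return preg_match("/^[\p{L}\p{M} .'-]{1,100}$/u", $name) === 1;
}

// Assumed vulnerable pattern: the stored value is concatenated into markup as-is.
function renderNameFieldUnsafe(string $storedName): string
{
    return '<input type="text" name="name" value="' . $storedName . '">';
}

// Hardened form: the same markup with the stored value encoded on output.
function renderNameField(string $storedName): string
{
    return '<input type="text" name="name" value="' . e($storedName) . '">';
}

// Constructed sample input: the string from step 5 as it would sit in the database.
$stored = 'XSS-USER"><iMg SrC="x" oNeRRor="alert(document.domain);">';

// Input validation rejects the value before it is ever stored.
var_dump(isValidHolderName($stored));
var_dump(isValidHolderName("Asha O'Neil-Rao"));

// Unsafe rendering lets the value close the attribute and start a new tag.
echo renderNameFieldUnsafe($stored), PHP_EOL;

// Encoded rendering keeps the whole value inside the attribute as inert text.
echo renderNameField($stored), PHP_EOL;
```

Output encoding is the control that matters for rows already stored in the database; the validation step only stops new malformed names from being saved.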