Persistent cross-site scripting (XSS) in Hospital Management System v4.0 targeted towards web admin through /admin-panel1.php at via the parameter demail.
Add Doctor info payload to Doctor Name of Add Doctor page to target /admin-panel1.php ,then use burpsuite get requests datas,change the 'demail' parameter to xss payload: <sCrIpT>alert(5555)</ScRiPt>
Proof of concept (Poc)
<sCrIpT>alert(5555)</ScRiPt>
The text was updated successfully, but these errors were encountered:
Persistent cross-site scripting (XSS) in Hospital Management System v4.0 targeted towards web admin through /admin-panel1.php at via the parameter demail.
Add Doctor info payload to Doctor Name of Add Doctor page to target /admin-panel1.php ,then use burpsuite get requests datas,change the 'demail' parameter to xss payload:

<sCrIpT>alert(5555)</ScRiPt>Proof of concept (Poc)
<sCrIpT>alert(5555)</ScRiPt>The text was updated successfully, but these errors were encountered: