CVE-nu11-15-092121
Description:
The Student Quarterly Grading System (by: oretnom23 ) is vulnerable to XSS - Stored PHPSESSID Hijacking Vulnerable PWNED. The vulnerable app: is "users", with parameters: "fullname" and "username". After the successful PWNED of the credentials for the admin account. The malicious user can be storing an XSS payload, whit who can take the active PHPSESSID every time when he wants to log in to the system with an admin account by using this exploit.
