| Summary | A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account information is accessed. |
|---|---|
| Publication Date | Sept. 27, 2024, 6:15 a.m. |
| Registration Date | Sept. 27, 2024, noon |
| Last Update | Sept. 30, 2024, 9:46 p.m. |
| Title | Projectworlds の online voting system project におけるクロスサイトスクリプティングの脆弱性 |
|---|---|
| Summary | Projectworlds の online voting system project には、クロスサイトスクリプティングの脆弱性が存在します。 |
| Possible impacts | 情報を取得される、および情報を改ざんされる可能性があります。 |
| Solution | 参考情報を参照して適切な対策を実施してください。 |
| Publication Date | Sept. 26, 2024, midnight |
| Registration Date | May 9, 2025, 9:47 a.m. |
| Last Update | May 9, 2025, 9:47 a.m. |
| Projectworlds |
| online voting system project 1.0 |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2025年05月09日] 掲載 |
May 9, 2025, 9:47 a.m. |