Stored Cross Site Scripting Vulnerability in Sourcecodester Online Event Booking System

CVE-2021-42662

What is CVE-2021-42662?

A Stored Cross Site Scripting (XSS) vulnerability is present in the Sourcecodester Online Event Booking and Reservation System built on PHP/MySQL. This vulnerability is activated through the 'Holiday reason' parameter, allowing attackers to inject malicious JavaScript code. If successfully exploited, an attacker could execute scripts in users' browsers, potentially leading to serious consequences such as stealing cookies or sensitive information without the users' knowledge. It is crucial for developers and administrators to implement proper input validation and sanitization measures to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References