CVE-2024-40074 Information

Description

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/SystemSettings.php?f=update_settings and the point of vulnerability is in the POST parameter ‘short_name’.

Reference

https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug1-XSS-short_name.md