CVE-2024-45986 Information

Description

A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account information is accessed.

Reference

https://github.com/soursec/CVEs/tree/main/CVE-2024-45986