Reflected XSS on multiple locations and parameters in unilogies/bumsys
Nov 2nd 2022
The user input is not being sanitized properly on multiple locations and on different parameters leading to XSS.
Proof of Concept
- Perform any action within the application that the user can perform.
- View any information that the user is able to view.
- Modify any information that the user is able to modify.
- Initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user.