{"id":7745,"date":"2025-07-07T15:10:05","date_gmt":"2025-07-07T15:10:05","guid":{"rendered":"http:\/\/localhost\/?p=7745"},"modified":"2025-07-07T15:10:05","modified_gmt":"2025-07-07T15:10:05","slug":"sourcecodester-best-salon-management-system-update-staff-page-editplanphp-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7745","title":{"rendered":"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting"},"content":{"rendered":"<div style=\"font-family: Arial, sans-serif; max-width: 1200px; margin: 0 auto;\">\n<h2 style=\"color: #333; border-bottom: 2px solid #ffcc00; padding-bottom: 10px;\">CVE Details<\/h2>\n<div style=\"display: grid; grid-template-columns: repeat(auto-fit, minmax(300px, 1fr)); gap: 20px; margin-bottom: 20px;\">\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1);\">\n<h3 style=\"margin-top: 0; \">Basic Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Title<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Type<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">cve<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Published<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">2025-07-07T19:02:05.791Z<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Modified<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">2025-07-07T19:02:05.791Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1);\">\n<h3 style=\"margin-top: 0; \">Product Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Vendor<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">SourceCodester<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Product<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">Best Salon Management System<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Version<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); margin-bottom: 20px;\">\n<h3 style=\"margin-top: 0; \">CVSS Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Base Score<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd; color: #ffcc00; font-weight: bold;\">4.8 (MEDIUM)<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Attack Vector<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:H\/UI:P\/VC:N\/VI:L\/VA:N\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); margin-bottom: 20px;\">\n<h3 style=\"margin-top: 0; \">AI Analysis<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">AI Description<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">A cross-site scripting (XSS) vulnerability in the Update Staff Page of SourceCodester&#8217;s Best Salon Management System allows remote attackers to inject malicious scripts, potentially leading to unauthorized actions on behalf of users.<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">AI Severity<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">Medium<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">AI Vendor<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">SourceCodester<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">AI Product<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">Best Salon Management System<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">AI Version<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<div style=\"padding: 15px; border-radius: 5px; margin-bottom: 20px;\">\n<h4 style=\"margin-top: 0; \">Affected Products<\/h4>\n<ul style=\"margin: 0; padding-left: 20px;\">\n<li>SourceCodester Best Salon Management System 1.0<\/li>\n<\/ul>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); margin-bottom: 20px;\">\n<h3 style=\"margin-top: 0; \">Additional Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">CWE List<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">CWE-79, CWE-94<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Source<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">VulDB<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); margin-bottom: 20px;\">\n<h3 style=\"margin-top: 0; \">Description<\/h3>\n<div style=\"padding: 15px; border-left: 4px solid #4CAF50; \">A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file \/panel\/edit_plan.php of the component Update Staff Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.<\/div>\n<\/div>\n<div style=\"padding: 15px; border-radius: 5px; margin-bottom: 20px;\">\n<h4 style=\"margin-top: 0; \">References<\/h4>\n<ul style=\"margin: 0; padding-left: 20px;\">\n<li><a href=\"https:\/\/vuldb.com\/?id.315055\" target=\"_blank\">https:\/\/vuldb.com\/?id.315055<\/a><\/li>\n<li><a href=\"https:\/\/vuldb.com\/?ctiid.315055\" target=\"_blank\">https:\/\/vuldb.com\/?ctiid.315055<\/a><\/li>\n<li><a href=\"https:\/\/vuldb.com\/?submit.605988\" target=\"_blank\">https:\/\/vuldb.com\/?submit.605988<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/Colorado-all\/cve\/blob\/main\/Best%20salon%20management%20system\/xss-3.md\" target=\"_blank\">https:\/\/github.com\/Colorado-all\/cve\/blob\/main\/Best%20salon%20management%20system\/xss-3.md<\/a><\/li>\n<li><a href=\"https:\/\/www.sourcecodester.com\/\" target=\"_blank\">https:\/\/www.sourcecodester.com\/<\/a><\/li>\n<\/ul>\n<\/div>\n<div style=\"text-align: center; margin-top: 30px;\">\n<a href=\"\" target=\"_blank\" style=\"display: inline-block; background-color: #4CAF50; color: white; padding: 12px 24px; text-decoration: none; border-radius: 4px; font-weight: bold; transition: background-color 0.3s;\">View Full CVE Details<\/a>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>CVE Details Basic Information Title SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting Type cve Published 2025-07-07T19:02:05.791Z Modified 2025-07-07T19:02:05.791Z Product Information&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,75,12,21,13,7,11,5],"class_list":["post-7745","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-48","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=7745\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting - zero redgem\" \/>\n<meta property=\"og:description\" content=\"CVE Details Basic Information Title SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting Type cve Published 2025-07-07T19:02:05.791Z Modified 2025-07-07T19:02:05.791Z Product Information...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=7745\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-07T15:10:05+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7745#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7745\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting\",\"datePublished\":\"2025-07-07T15:10:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7745\"},\"wordCount\":247,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-4.8\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7745#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7745\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7745\",\"name\":\"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-07-07T15:10:05+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7745#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7745\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7745#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=7745","og_locale":"en_US","og_type":"article","og_title":"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting - zero redgem","og_description":"CVE Details Basic Information Title SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting Type cve Published 2025-07-07T19:02:05.791Z Modified 2025-07-07T19:02:05.791Z Product Information...","og_url":"https:\/\/zero.redgem.net\/?p=7745","og_site_name":"zero redgem","article_published_time":"2025-07-07T15:10:05+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=7745#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=7745"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting","datePublished":"2025-07-07T15:10:05+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=7745"},"wordCount":247,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-4.8","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=7745#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=7745","url":"https:\/\/zero.redgem.net\/?p=7745","name":"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-07-07T15:10:05+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=7745#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=7745"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=7745#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"SourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scripting"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7745","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7745"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7745\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7745"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7745"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7745"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}