A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-46080
• https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS
• https://www.plsanu.com/vehicle-service-management-system-multiple-cross-site-request-forgery-csrf-leads-to-stored-cross-site-scripting-xss