Safety Anger Pad
Monthly
Stored or reflected cross-site scripting (XSS) in SourceCodester Safety Anger Pad 1.0 allows remote unauthenticated attackers to inject malicious scripts via the angerDisplay parameter, potentially compromising user sessions and stealing sensitive data. The vulnerability requires user interaction (UI:R per CVSS) but has publicly available exploit code and a moderate CVSS score of 4.3, making it a practical attack vector for credential harvesting or malware distribution.
Stored or reflected cross-site scripting (XSS) in SourceCodester Safety Anger Pad 1.0 allows remote unauthenticated attackers to inject malicious scripts via the angerDisplay parameter, potentially compromising user sessions and stealing sensitive data. The vulnerability requires user interaction (UI:R per CVSS) but has publicly available exploit code and a moderate CVSS score of 4.3, making it a practical attack vector for credential harvesting or malware distribution.