From 1e0885f59c29e0f09c3212cd5fa4fc6d5d4f1edc Mon Sep 17 00:00:00 2001
From: Raj Nandi <rajnandi5045@gmail.com>
Date: Fri, 10 Nov 2023 11:56:51 +0530
Subject: [PATCH] Create Security_Advisory_CYB84.md

---
 Security_Advisory_CYB84.md | 44 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 Security_Advisory_CYB84.md

diff --git a/Security_Advisory_CYB84.md b/Security_Advisory_CYB84.md
new file mode 100644
index 0000000..7b020e6
--- /dev/null
+++ b/Security_Advisory_CYB84.md
@@ -0,0 +1,44 @@
+# HTML Injection in online-shopping-system-advanced 
+
+# [Additional Information]
+>https://github.com/PuneethReddyHC/online-shopping-system-advanced
+>
+>
+#[Vulnerbility type]
+>HTML injection
+>
+>
+#[Vendor of Product]
+> https://github.com/PuneethReddyHC/online-shopping-system-advanced
+>
+> 
+# [Affected Component]
+> http://localhost/admin/admin/edit_product.php
+> http://127.0.0.1/admin/admin/edit_product.php
+>
+> 
+# [Attack Type]
+> Remote
+>
+> ------------------------------------------
+>
+# [Attack Vectors]
+> HTML Injection:
+```
+<h1>hello</h1>
+```
+>
+# Effected Parameter (POST):
+>
+> product_id
+>
+> ------------------------------------------
+# [Discoverer]
+## Raj Nandi @CYB84
+>
+>
+#[POC]
+https://github.com/PuneethReddyHC/online-shopping-system-advanced/assets/77796334/7e5afc89-8630-4071-82c1-e2c0ac40a1bb
+
+
+