[Suggested description] Cross Site Scripting vulnerability in Simple Image Stack Website using PHP and API v.1.00000 allows a remote attacker to execute arbitrary code via a crafted payload to the URL.

---

[Additional Information] Lets paste our payload in the URL section

"onmouseenter=alert(1)// "onmouseenter=alert(document.domain)//

---

[Vulnerability Type] Cross Site Scripting (XSS)

---

[Vendor of Product] sourcecodester.com

---

[Affected Product Code Base] Simple Image Stack Website using PHP and API - v1.00000

---

[Affected Component] URL

---

[Attack Type] Remote

---

[Impact Code execution] true

---

[Attack Vectors] Nothing required , just user needs to click the link

---

[Reference] https://youtu.be/P3jRfWEd_wQ

---

[Discoverer] Chandra Pratik Raj Singh