DSB/MySQLDumper

XSS Vulnerability

prodigysml opened this issue · 0 comments

There are multiple instances of XSS within MySQLDumper. Some of them are stored, which implies that they will persist for all users and social engineering is not required.

The easiest way to patch this is to simply use htmlentities every time you echo something.

If the database name is an XSS payload, it will execute the JavaScript when viewing the databases possible within the application.
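
The fix suggested in this issue, shown as an added example (not part of the original issue and not MySQLDumper's own code): a database list rendered once with raw echo and once with `htmlentities` applied at output. The helper `h()`, the two render functions and the sample database names are hypothetical and constructed for illustration.

```php
<?php
// Added illustration, not MySQLDumper code. All names here are hypothetical.

// Constructed sample: database names as a database listing might return them.
// The second targets the HTML body context, the third a quoted attribute.
$databases = ['shop', '<script>alert(1)</script>', 'x" onmouseover="alert(1)'];

// Encode a value for HTML body and quoted-attribute output.
// ENT_QUOTES encodes both " and ', so the value cannot close an attribute.
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function h(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Before: names are interpolated raw, so markup stored in a database name
// is parsed by the browser of every user who opens the list.
function render_unsafe(array $names): string
{
    $html = "<select name=\"db\">\n";
    foreach ($names as $name) {
        $html .= "<option value=\"$name\">$name</option>\n";
    }
    return $html . "</select>\n";
}

// After: every value is encoded at the point of output, in both the
// attribute and the element body.
function render_safe(array $names): string
{
    $html = "<select name=\"db\">\n";
    foreach ($names as $name) {
        $html .= '<option value="' . h($name) . '">' . h($name) . "</option>\n";
    }
    return $html . "</select>\n";
}

$safe = render_safe($databases);

// Regression check: no raw tag or attribute breakout survives encoding.
if (stripos($safe, '<script') !== false || strpos($safe, '" onmouseover') !== false) {
    throw new RuntimeException('unencoded database name reached the output');
}

echo $safe;
```

Encoding at output rather than at input keeps the stored name intact for SQL use while making it inert in HTML; values placed inside JavaScript or URLs need encoding for those contexts instead.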