CVE-2023-1302

Опубликовано: 09 мар. 2023

Источник: nvd

CVSS3: 3.5

CVSS3: 6.1

CVSS2: 4

EPSS Низкий

Описание

A vulnerability, which was classified as problematic, was found in SourceCodester File Tracker Manager System 1.0. This affects an unknown part of the file normal/borrow1.php. The manipulation of the argument id with the input 1"> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222663.

Ссылки

https://github.com/godownio/bug_report/blob/main/vendors/hemedy99/File%20Tracker%20Manager%20System/XSS-1.md
Exploit
https://vuldb.com/?ctiid.222663
Third Party Advisory
https://vuldb.com/?id.222663
Third Party Advisory
https://github.com/godownio/bug_report/blob/main/vendors/hemedy99/File%20Tracker%20Manager%20System/XSS-1.md
Exploit
https://vuldb.com/?ctiid.222663
Third Party Advisory
https://vuldb.com/?id.222663
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:file_tracker_manager_system_project:file_tracker_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00094

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-5g9m-3789-pjjm

CVSS3: 6.1

github

почти 3 года назад

A vulnerability, which was classified as problematic, was found in SourceCodester File Tracker Manager System 1.0. This affects an unknown part of the file normal/borrow1.php. The manipulation of the argument id with the input 1"><script>alert(1111)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222663.

EPSS

Процентиль: 27%

0.00094

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79