CVE-2023-36317

Опубликовано: 23 авг. 2023

Источник: nvd

CVSS3: 4.8

EPSS Низкий

Описание

Cross Site Scripting (XSS) vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL.

Ссылки

https://github.com/oye-ujjwal/CVE/blob/main/CVE-2023-36317
Exploit
Third Party Advisory
https://www.sourcecodester.com
Not Applicable
https://www.sourcecodester.com/php/16298/student-study-center-desk-management-system-using-php-oop-and-mysql-db-free-source-code
Product
https://github.com/oye-ujjwal/CVE/blob/main/CVE-2023-36317
Exploit
Third Party Advisory
https://www.sourcecodester.com
Not Applicable
https://www.sourcecodester.com/php/16298/student-study-center-desk-management-system-using-php-oop-and-mysql-db-free-source-code
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:student_study_center_desk_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00076

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-7chm-r5mr-rv4x