CVE-2023-1363

medium

Description

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222870 is the identifier assigned to this vulnerability.

References

https://vuldb.com/?id.222870

https://vuldb.com/?ctiid.222870

https://github.com/Songs-YZS/CveList/blob/main/Computer-Parts-Sales-and-Inventory-System-has-Cross-Site-Scriptin-vulnerability.pdf

Details

Source: Mitre, NVD

Published: 2023-03-13

Updated: 2024-05-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium