Vulnerability Details CVE-2023-1363
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222870 is the identifier assigned to this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.7%
CVSS Severity
CVSS v3 Score 3.5
CVSS v2 Score 4.0
References
- https://github.com/Songs-YZS/CveList/blob/main/Computer-Parts-Sales-and-Inventory-System-has-Cross-Site-Scriptin-vulnerability.pdf
- https://vuldb.com/?ctiid.222870
- https://vuldb.com/?id.222870
- https://github.com/Songs-YZS/CveList/blob/main/Computer-Parts-Sales-and-Inventory-System-has-Cross-Site-Scriptin-vulnerability.pdf
- https://vuldb.com/?ctiid.222870
- https://vuldb.com/?id.222870
Products affected by CVE-2023-1363
-
Computer Parts Sales And Inventory System Project » Computer Parts Sales And Inventory System » Version: 1.0cpe:2.3:a:computer_parts_sales_and_inventory_system_project:computer_parts_sales_and_inventory_system:1.0