CVE-2023-1030

Name of the Vulnerable Software and Affected Versions SourceCodester Online Boat Reservation System version 1.0

Description A vulnerability has been found in the file /boat/login.php of the component POST Parameter Handler. The manipulation of the argument un leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For SourceCodester Online Boat Reservation System version 1.0, consider disabling the un argument in the /boat/login.php file as a temporary workaround until a patch is available. Restrict access to the POST Parameter Handler component to minimize the risk of exploitation. Avoid using the un argument in the affected API endpoint until the issue is resolved.