CVE-2023-1794

Name of the Vulnerable Software and Affected Versions SourceCodester Police Crime Record Management System version 1.0

Description A vulnerability was found in the SourceCodester Police Crime Record Management System. It affects the file /admin/casedetails.php of the component GET Parameter Handler. The manipulation of the argument id with the input "> leads to cross site scripting. The attack can be initiated remotely.

Recommendations For version 1.0, consider disabling the id argument in the /admin/casedetails.php file until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. Avoid using the id parameter in the affected API endpoint until the issue is resolved.