PT-2023-23405 · Sourcecodester · Sourcecodester Insurance Management System
Wengao · Published 2023-06-08 · Updated 2024-05-17
CVE-2023-3165
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
SourceCodester Life Insurance Management System version 1.0
Description
A vulnerability was found in the file insertNominee.php of the component POST Parameter Handler. The manipulation of the nominee id argument leads to cross-site scripting. The attack can be launched remotely.
Recommendations
For version 1.0, consider disabling the insertNominee.php file or restricting access to the POST Parameter Handler component until a patch is available. Avoid using the nominee id argument in the affected API endpoint until the issue is resolved.
Exploit
Fix
XSS
Weakness Enumeration
Related identifiers
Affected products
Sourcecodester Insurance Management System