CVE-2023-5585

Name of the Vulnerable Software and Affected Versions SourceCodester Online Motorcycle Rental System version 1.0

Description A vulnerability was found in the SourceCodester Online Motorcycle Rental System. It affects the file /admin/?page=bike of the component Bike List. The manipulation of the argument Model with the input "> leads to cross site scripting. The attack can be initiated remotely.

Recommendations For SourceCodester Online Motorcycle Rental System version 1.0, consider disabling access to the /admin/?page=bike endpoint until a patch is available. Restrict the use of the Model argument in the Bike List component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.