PT-2023-17395 · Unknown · Sourcecodester Online Computer/Laptop Store
Muzishouchen
·
Published
2023-04-11
·
Updated
2024-05-17
·
CVE-2023-1988
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester Online Computer and Laptop Store version 1.0
Description
A vulnerability was found in the software, classified as problematic. It affects some unknown functionality of the file /admin/?page=maintenance/brand. The manipulation of the
Brand Name argument leads to cross-site scripting. The attack may be launched remotely.Recommendations
For version 1.0, consider disabling access to the /admin/?page=maintenance/brand file until a patch is available. Restrict the manipulation of the
Brand Name argument to minimize the risk of exploitation.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sourcecodester Online Computer/Laptop Store