PT-2023-18281 · Sourcecodester · Sourcecodester Complaint Management System

1406213367

Published: 2023-04-18 · Updated: 2024-05-17 · CVE-2023-2153

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SourceCodester Complaint Management System version 1.0

Description

A cross-site scripting issue was found in the SourceCodester Complaint Management System. It affects unknown functionality of the file admin/assets/plugins/DataTables/examples/examples support/editable ajax.php, in the POST Parameter Handler component. Manipulating the value argument with the input 1><script>alert(666)</script> leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations

For SourceCodester Complaint Management System version 1.0, consider disabling the editable ajax.php file or restricting access to it until a patch is available. Avoid using the value argument in the affected POST Parameter Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-2153

Affected Products

Sourcecodester Complaint Management System