PT-2023-20788 · Unknown · Sales Tracker Management System
Published
2023-04-10
·
Updated
2023-04-14
·
CVE-2023-26773
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Sales Tracker Management System version 1.0
Description
A Cross Site Scripting issue allows a remote attacker to gain privileges via the product list function in the Master.php file. This can be exploited to potentially gain unauthorized access.
Recommendations
For Sales Tracker Management System version 1.0, consider disabling the product list function in the Master.php file as a temporary workaround until a patch is available. Restrict access to the Master.php file to minimize the risk of exploitation.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sales Tracker Management System