CVE-2023-46450

Name of the Vulnerable Software and Affected Versions Sourcecodester Free and Open Source inventory management system version 1.0

Description The issue is related to Cross Site Scripting (XSS) via the Add supplier function. This means an attacker could potentially inject malicious scripts into the system, affecting users who interact with the compromised functionality.

Recommendations For version 1.0, as a temporary workaround, consider disabling the Add supplier function until a patch is available. Restrict access to this function to minimize the risk of exploitation. Avoid using the Add supplier feature in the affected system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.