PT-2023-32022 · Sourcecodester · Sourcecodester Best Courier Management System
Rohit_12
·
Published
2023-09-30
·
Updated
2024-05-17
·
CVE-2023-5302
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester Best Courier Management System version 1.0
Description
A problematic issue has been found in the Manage Account Page component, where the manipulation of the
First Name argument leads to cross-site scripting. The attack can be initiated remotely. There have been reports of offensive activities targeting this system.Recommendations
For SourceCodester Best Courier Management System version 1.0, consider disabling the Manage Account Page component until a patch is available. Restrict access to this component to minimize the risk of exploitation. Avoid using the
First Name argument in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sourcecodester Best Courier Management System