CVE-2023-4183

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory Management System version 1.0

Description A vulnerability has been found in the SourceCodester Inventory Management System, affecting the file edit update.php of the component Password Handler. The manipulation of the user id argument leads to improper access controls. The attack can be initiated remotely, potentially impacting the confidentiality, integrity, and availability of protected information.

Recommendations For version 1.0, consider disabling the user id argument in the edit update.php file until a patch is available. Restrict access to the Password Handler component to minimize the risk of exploitation. Avoid using the user id argument in the affected API endpoint until the issue is resolved.