CVE-2023-0966

A vulnerability classified as problematic was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=orders/view_order. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221635.
References
Link Resource
https://github.com/1MurasaKi/Eyewear_Shop_XSS/blob/main/README.md Exploit Third Party Advisory
https://vuldb.com/?ctiid.221635 Permissions Required
https://vuldb.com/?id.221635 Permissions Required
Configurations

Configuration 1 (hide)

cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*

History

07 Sep 2024, 12:56

Type Values Removed Values Added
First Time Oretnom23 online Eyewear Shop
Oretnom23
CPE cpe:2.3:a:online_eyewear_shop_project:online_eyewear_shop:1.0:*:*:*:*:*:*:* cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*

Information

Published : 2023-02-22 20:15

Updated : 2024-09-07 12:56


NVD link : CVE-2023-0966

Mitre link : CVE-2023-0966

CVE.ORG link : CVE-2023-0966


JSON object : View

Products Affected

oretnom23

  • online_eyewear_shop
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')