A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Tracker App 1.0. This affects an unknown part of the file Master.php?a=save_expense. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-224307.
References
Link | Resource |
---|---|
https://vuldb.com/?ctiid.224307 | Third Party Advisory |
https://vuldb.com/?id.224307 | Third Party Advisory |
https://vuldb.com/?ctiid.224307 | Third Party Advisory |
https://vuldb.com/?id.224307 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://vuldb.com/?ctiid.224307 - Third Party Advisory | |
References | () https://vuldb.com/?id.224307 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 3.5 |
28 Sep 2023, 19:06
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oretnom23
Oretnom23 earnings And Expense Tracker Application |
|
CPE | cpe:2.3:a:oretnom23:earnings_and_expense_tracker_application:1.0:*:*:*:*:*:*:* |
Information
Published : 2023-03-29 09:15
Updated : 2024-11-21 07:39
NVD link : CVE-2023-1688
Mitre link : CVE-2023-1688
CVE.ORG link : CVE-2023-1688
JSON object : View
Products Affected
oretnom23
- earnings_and_expense_tracker_application
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')