CVE-2023-5302

A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240941 was assigned to this vulnerability.
References
Link Resource
https://github.com/rohit0x5/poc/blob/main/cve_2 Exploit Third Party Advisory
https://vuldb.com/?ctiid.240941 Permissions Required Third Party Advisory VDB Entry
https://vuldb.com/?id.240941 Permissions Required Third Party Advisory VDB Entry
https://github.com/rohit0x5/poc/blob/main/cve_2 Exploit Third Party Advisory
https://vuldb.com/?ctiid.240941 Permissions Required Third Party Advisory VDB Entry
https://vuldb.com/?id.240941 Permissions Required Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:mayurik:best_courier_management_system:1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 08:41

Type Values Removed Values Added
References () https://github.com/rohit0x5/poc/blob/main/cve_2 - Exploit, Third Party Advisory () https://github.com/rohit0x5/poc/blob/main/cve_2 - Exploit, Third Party Advisory
References () https://vuldb.com/?ctiid.240941 - Permissions Required, Third Party Advisory, VDB Entry () https://vuldb.com/?ctiid.240941 - Permissions Required, Third Party Advisory, VDB Entry
References () https://vuldb.com/?id.240941 - Permissions Required, Third Party Advisory, VDB Entry () https://vuldb.com/?id.240941 - Permissions Required, Third Party Advisory, VDB Entry
CVSS v2 : 4.0
v3 : 5.4
v2 : 4.0
v3 : 3.5

02 Oct 2023, 20:19

Type Values Removed Values Added
CPE cpe:2.3:a:mayurik:best_courier_management_system:1.0:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4
References (MISC) https://vuldb.com/?ctiid.240941 - (MISC) https://vuldb.com/?ctiid.240941 - Permissions Required, Third Party Advisory, VDB Entry
References (MISC) https://github.com/rohit0x5/poc/blob/main/cve_2 - (MISC) https://github.com/rohit0x5/poc/blob/main/cve_2 - Exploit, Third Party Advisory
References (MISC) https://vuldb.com/?id.240941 - (MISC) https://vuldb.com/?id.240941 - Permissions Required, Third Party Advisory, VDB Entry
First Time Mayurik best Courier Management System
Mayurik

30 Sep 2023, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-30 12:15

Updated : 2024-11-21 08:41


NVD link : CVE-2023-5302

Mitre link : CVE-2023-5302

CVE.ORG link : CVE-2023-5302


JSON object : View

Products Affected

mayurik

  • best_courier_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')