CVE-2023-6301 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php id cross site scripting

Inserito da Angelo Barbosa | Nov 26, 2023 | CVE

A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id with the input </TiTlE><ScRiPt>alert(1)</ScRiPt> leads to cross site scripting.

This vulnerability is known as CVE-2023-6301. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-6301 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php id cross site scripting

Post correlati

CVE-2024-33793 | Netis MEX605 2.00.06 Ping Test Page cross site scripting

CVE-2024-5279 | Qiwen Netdisk up to 1.4.0 File Rename cross site scripting (I8W3H2)

CVE-2023-6373 | ArtPlacer Widget Plugin up to 2.20.6 on WordPress sql injection

CVE-2023-49132 | Siemens Solid Edge SE2023 up to 223.0 Update 9 PAR File uninitialized pointer (ssa-589891)