CVE-2023-6301 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php id cross site scripting

Inserito da Angelo Barbosa | Nov 26, 2023 | CVE

A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id with the input </TiTlE><ScRiPt>alert(1)</ScRiPt> leads to cross site scripting.

This vulnerability is known as CVE-2023-6301. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-6301 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php id cross site scripting

Post correlati

CVE-2024-41167 | Intel Server Board M10JNP2SB Family UEFI Firmware input validation (intel-sa-01175)

CVE-2024-10310 | bdthemes Element Pack Elementor Addons Plugin up to 5.10.1 on WordPress Custom Gallery Widget image_title cross site scripting

CVE-2024-28392 | pscartabandonmentpro up to 2.0.11 on PrestaShop setEmailVisualized sql injection

CVE-2024-24790 | Google Go up to 1.21.10/1.22.3 net-netip access control