CVE-2023-6301 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php id cross site scripting

Inserito da Angelo Barbosa | Nov 26, 2023 | CVE

A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument id with the input </TiTlE><ScRiPt>alert(1)</ScRiPt> leads to cross site scripting.

This vulnerability is known as CVE-2023-6301. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-6301 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php id cross site scripting

Post correlati

CVE-2023-7090 | sudo 1.8.24/1.8.25/1.8.26/1.8.27 ipa_hostname privileges management

CVE-2024-44849 | Qualitor up to 8.24 checkAcesso.php unrestricted upload

CVE-2024-6322 | Grafana/Grafana Enterprise up to 11.1.0/11.1.2 plugin.json ReqActions privileges assignment

CVE-2024-30194 | WP Sunshine Sunshine Photo Cart Plugin up to 3.1.1 on WordPress cross site scripting