A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file user_signup.php. The manipulation of the argument firstname with the input
<video/src=x onerror=alert(document.domain)>
leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2023-7108. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.