Lucene search
China National Vulnerability DatabaseCNVD-2024-14028HistoryMar 12, 2024 - 12:00 a.m.
Customer Support System Cross-Site Scripting Vulnerability (CNVD-2024-14028)
2024-03-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
cross-site scripting
customer support system
vulnerability
oretnom23 personal developer
filtering
web script
html
exploitation
subject parameter
Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems from the application’s lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to inject a crafted payload to execute arbitrary web script or HTML via the subject parameter in customer_support/index.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| customer support system customer support system | eq | 1.0 |
Related
zdt
zdt
Customer Support System 1.0 - Stored XSS Vulnerability
2024-07-02 00:00:00
cve
cve
CVE-2023-49976
2024-03-06 01:15:07
packetstorm
packetstorm
Customer Support System 1.0 Cross Site Scripting
2024-07-01 00:00:00
prion
prion
Cross site scripting
2024-03-06 01:15:00
cvelist
cvelist
CVE-2023-49976
2024-03-06 00:00:00
nvd
nvd
CVE-2023-49976
2024-03-06 01:15:07
exploitdb
exploitdb
Customer Support System 1.0 - Stored XSS
2024-07-01 00:00:00