Lucene search
MitreCVE-2023-23026HistoryFeb 07, 2023 - 11:15 p.m.
CVE-2023-23026
2023-02-0723:15:09
CWE-79
mitre
web.nvd.nist.gov
28
vulnerability
xss
sourcecodester
sales management system
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
35.0%
Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 sales management system 1.0, allows attackers to execute arbitrary code via the product_name and product_price inputs in file print.php.
Affected configurations
Node
simple_sales_management_system_projectsimple_sales_management_systemMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| simple_sales_management_system_project | simple_sales_management_system | 1.0 | cpe:2.3:a:simple_sales_management_system_project:simple_sales_management_system:1.0:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2023-23026
2023-02-07 23:15:09
prion
prion
Cross site scripting
2023-02-07 23:15:00
cvelist
cvelist
CVE-2023-23026
2023-02-07 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
35.0%
Related for CVE-2023-23026