Lucene search
HistorySep 07, 2023 - 3:15 p.m.
CVE-2023-39711
cve-2023-39711
cross-site scripting
inventory management system
crafted payload
subtotal
paidbill
add new put section
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.3%
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section.
Affected configurations
Node
free_and_open_source_inventory_management_system_projectfree_and_open_source_inventory_management_systemMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| free_and_open_source_inventory_management_system_project | free_and_open_source_inventory_management_system | 1.0 | cpe:2.3:a:free_and_open_source_inventory_management_system_project:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2023-39711
2023-09-07 00:00:00
prion
prion
Cross site scripting
2023-09-07 15:15:00
cvelist
cvelist
CVE-2023-39711
2023-09-07 00:00:00
cve
cve
CVE-2023-39711
2023-09-07 15:15:07
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.3%
Related for NVD:CVE-2023-39711