Lucene search

[email protected]CVE-2022-3453

HistoryOct 11, 2022 - 6:15 p.m.

CVE-2022-3453

2022-10-1118:15:10

CWE-707

[email protected]

web.nvd.nist.gov

sourcecodester

book store management system

vulnerability

cve-2022-3453

cross-site scripting

remote attack

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

22.9%

JSON

A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /transcation.php. The manipulation of the argument buyer_name leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-210437 was assigned to this vulnerability.

Affected configurations

Vulners

NVD

Node

sourcecodesterrestaurant_management_systemMatch1.0

VendorProductVersionCPE
sourcecodesterrestaurant_management_system1.0cpe:2.3:a:sourcecodester:restaurant_management_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sourcecodester	restaurant_management_system	1.0	cpe:2.3:a:sourcecodester:restaurant_management_system:1.0:::::::*

CNA Affected

[
  {
    "vendor": "SourceCodester",
    "product": "Book Store Management System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

References

vuldb.com/?id.210437

Social References