Lucene search

[email protected]CVE-2023-26773

HistoryApr 10, 2023 - 9:15 p.m.

CVE-2023-26773

2023-04-1021:15:07

CWE-79

[email protected]

web.nvd.nist.gov

cve-2023-26773

cross site scripting

xss

sales tracker management system

nvd

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.004 Low

EPSS

Percentile

75.0%

JSON

Cross Site Scripting vulnerability found in Sales Tracker Management System v.1.0 allows a remote attacker to gain privileges via the product list function in the Master.php file.

Affected configurations

NVD

Node

sales_tracker_management_system_projectsales_tracker_management_systemMatch1.0

CPENameOperatorVersion
sales_tracker_management_system_project:sales_tracker_management_systemsales tracker management system project sales tracker management systemeq1.0

CPE	Name	Operator	Version
sales_tracker_management_system_project:sales_tracker_management_system	sales tracker management system project sales tracker management system	eq	1.0

References

packetstormsecurity.com/files/171686/Sales-Tracker-Management-System-1.0-Cross-Site-Scripting.html

twitter.com/retrymp3

www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html

www.sourcecodester.com/users/tips23

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.004 Low

EPSS

Percentile

75.0%

JSON

Related for CVE-2023-26773

prion1 cvelist1 nvd1 packetstorm1