2 matches found
CVE-2023-46580
Cross-Site Scripting XSS vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component...
CVE-2023-46580
CVE-2023-46580 describes a cross-site scripting (XSS) vulnerability in Inventory Management V1.0 where the pname parameter of the editProduct.php component can be exploited to run arbitrary script in the victim’s browser. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) indicates a netwo...