A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field.
5.4CVSS
5.3AI Score
0.001EPSS
Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category.
5.4CVSS
5.3AI Score
0.001EPSS
A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file add_category.php of the component Category Handler. The manipulation of the argument category_name leads to cross site scri...
5.4CVSS
5.2AI Score
0.001EPSS