CVE-2023-5585
SourceCodester Online Motorcycle Rental System Bike List cross site scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was found in SourceCodester Online Motorcycle Rental System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/?page=bike of the component Bike List. The manipulation of the argument Model with the input "><script>confirm (document.cookie)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-242170 is the identifier assigned to this vulnerability.
Se encontró una vulnerabilidad en SourceCodester Online Motorcycle Rental System 1.0. Ha sido declarado problemático. Esta vulnerabilidad afecta a código desconocido del archivo /admin/?page=bike del componente Bike List. La manipulación del argumento Model con la entrada "> conduce a Cross-Site Scripting (XSS). El ataque puede iniciarse de forma remota. El exploit se ha divulgado al público y puede usarse. VDB-242170 es el identificador asignado a esta vulnerabilidad.
In SourceCodester Online Motorcycle Rental System 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Es geht um eine nicht näher bekannte Funktion der Datei /admin/?page=bike der Komponente Bike List. Mittels dem Manipulieren des Arguments Model mit der Eingabe "><script>confirm (document.cookie)</script> mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2023-10-14 CVE Reserved
- 2023-10-14 CVE Published
- 2024-09-13 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://vuldb.com/?id.242170 | Technical Description |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Oretnom23 Search vendor "Oretnom23" | Online Motorcycle \(bike\) Rental System Search vendor "Oretnom23" for product "Online Motorcycle \(bike\) Rental System" | 1.0 Search vendor "Oretnom23" for product "Online Motorcycle \(bike\) Rental System" and version "1.0" | - |
Affected
|