CVE-2023-5302 — Vulnetix

CVE-2023-5302 PUBLISHED CVSS 3.5 LOW

A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240941 was assigned to this vulnerability.

EPSS 0.07% · 21.5th percentile

Risk Scores

CVSS v3.1

3.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS Score

0.07%

21.5th percentile

Affected Products

Vendor	Product	Versions
mayurik	best_courier_management_system	1.0, 1.0
SourceCodester	Best Courier Management System	1.0, 1.0

Timeline

Sep 30, 2023 CVE Published
Oct 1, 2023 EPSS Score
Nov 2, 2023 EPSS Score
Dec 3, 2023 EPSS Score
Jan 4, 2024 EPSS Score
Feb 5, 2024 EPSS Score
Mar 8, 2024 EPSS Score
Apr 8, 2024 EPSS Score
May 10, 2024 EPSS Score
Jun 11, 2024 EPSS Score
Jul 13, 2024 EPSS Score
Aug 13, 2024 EPSS Score

References

https://vuldb.com/?id.240941 vdb
https://vuldb.com/?ctiid.240941 url
https://github.com/rohit0x5/poc/blob/main/cve_2 exploit
https://nvd.nist.gov/vuln/detail/CVE-2023-5302 advisory

Open in Interactive Console →