CVE-2023-5303 — Vulnetix

CVE-2023-5303 PUBLISHED CVSS 3.5 LOW

A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. VDB-240942 is the identifier assigned to this vulnerability.

EPSS 0.06% · 18.7th percentile

Risk Scores

CVSS v3.1

3.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS Score

0.06%

18.7th percentile

Affected Products

Vendor	Product	Versions
n/a	Online Banquet Booking System	1.0, 1.0, 1.0
phpgurukul	online_banquet_booking_system	1.0, 1.0, 1.0

Timeline

Sep 30, 2023 CVE Published
Oct 1, 2023 EPSS Score
Nov 2, 2023 EPSS Score
Dec 3, 2023 EPSS Score
Jan 4, 2024 EPSS Score
Feb 5, 2024 EPSS Score
Mar 8, 2024 EPSS Score
Apr 8, 2024 EPSS Score
May 10, 2024 EPSS Score
Jun 11, 2024 EPSS Score
Jul 13, 2024 EPSS Score
Aug 13, 2024 EPSS Score

References

https://vuldb.com/?id.240942 vdb
https://vuldb.com/?ctiid.240942 url
https://nvd.nist.gov/vuln/detail/CVE-2023-5303 advisory

Open in Interactive Console →