CVE-2022-2748

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.2%
top 58.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sourcecodester Simple Online Book Store System
Timeline
PublishedAug 11
Latest updateAug 12

Description

A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-206016.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-m6fp-c6cw-94j2: A vulnerability was found in SourceCodester Simple Online Book Store System2022-08-12
CVEList
SourceCodester Simple Online Book Store System edit.php cross site scripting2022-08-11
CVE-2022-2748 (MEDIUM CVSS 6.1) | A vulnerability was found in Source | cvebase.io