CVE-2023-2155

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

4.8MEDIUM

EPSS

0.1%

top 77.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester AIR Cargo Management System AIR Cargo Management System Project AIR Cargo Management System

Timeline

PublishedApr 18

Description

A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file classes/Master.php?f=save_cargo_type. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226276.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5sourcecodester/air_cargo_management_system1.0

▶NVDair_cargo_management_system_project/air_cargo_management_system1.0

🔴Vulnerability Details

GHSA

GHSA-24x7-8mv3-v5xj: A vulnerability was found in SourceCodester Air Cargo Management System 1↗2023-04-18

▶

CVEList

SourceCodester Air Cargo Management System cross site scripting↗2023-04-18

▶