CVE-2023-3189

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.1%
top 74.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Online School Fees SystemOnline School Fees System Project Online School Fees System
Timeline
PublishedJun 14

Description

A vulnerability, which was classified as problematic, was found in SourceCodester Online School Fees System 1.0. This affects an unknown part of the file /paysystem/branch.php of the component POST Parameter Handler. The manipulation of the argument branch leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231501 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
SourceCodester Online School Fees System POST Parameter branch.php cross site scripting2023-06-14
GHSA
GHSA-c439-f4ww-m5rq: A vulnerability, which was classified as problematic, was found in SourceCodester Online School Fees System 12023-06-14
CVE-2023-3189 (MEDIUM CVSS 6.1) | A vulnerability | cvebase.io