CVE-2023-36940Cross-site Scripting in Online Fire Reporting System

CWE-79Cross-site Scripting3 documents3 sources
Severity
4.8MEDIUMNVD
EPSS
0.1%
top 67.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul Online Fire Reporting System
Timeline
PublishedJul 10

Description

Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL v.1.2 allows attackers to execute arbitrary code via a crafted payload injected into the search field.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
CVE-2023-36940: Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL v2023-07-10
GHSA
GHSA-fcmj-gcwc-rvc5: Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL v2023-07-10
CVE-2023-36940 — Cross-site Scripting | cvebase