CVE-2023-46450Cross-site Scripting in Inventory Management System

CWE-79Cross-site Scripting3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.1%
top 69.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mayurik Inventory Management System
Timeline
PublishedOct 26

Description

Sourcecodester Free and Open Source inventory management system 1.0 is vulnerable to Cross Site Scripting (XSS) via the Add supplier function.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
CVE-2023-46450: Sourcecodester Free and Open Source inventory management system 12023-10-26
GHSA
GHSA-r4p3-fhf3-gwvv: Sourcecodester Free and Open Source inventory management system 12023-10-26
CVE-2023-46450 — Cross-site Scripting | cvebase