CVE-2023-5302
LOWBest Courier Management System 1.0 - Cross-Site Scripting via First Name Parameter
Title source: llmDescription
A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240941 was assigned to this vulnerability.
References (3)
Core 3
Core References
Permissions Required, Third Party Advisory, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.240941
Permissions Required, Third Party Advisory, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.240941
Exploit, Third Party Advisory exploit
https://github.com/rohit0x5/poc/blob/main/cve_2
Scores
CVSS v3
3.5
EPSS
0.0007
EPSS Percentile
21.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Products (1)
mayurik/best_courier_management_system
1.0
Published
Sep 30, 2023
Tracked Since
Feb 18, 2026