[Description] Sourcecodester Free and Open Source inventory management system 1.0 is vulnerable to Cross Site Scripting (XSS) via the Add supplier function.
[Additional Information] A video POC stored XSS vulnerability exists in the add supplier functionality in free and open source inventory management system. Link: https://youtu.be/LQy0_xIK2q0
[Vulnerability Type] Cross Site Scripting (XSS)
[Vendor of Product] opensource
[Affected Product Code Base] free-and-open-source-inventory-management-system-php-source-code - 1.0000
[Affected Component] Add supplier functionality
[Attack Type] Remote
[Impact Code execution] true
[Attack Vectors] Authenticated Stored XSS
[Reference] https://youtu.be/LQy0_xIK2q0
[Discoverer] Yagyesh K. Tiwari
yte121/-CVE-2023-46450
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
About
CVE-2023-46450 reference
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published