Skip to main content

Ac Repair And Services System CVE-2023-3659

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2023-07-13 cna@vuldb.com
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Jul 13, 2023 - 11:15 nvd
MEDIUM 6.1

DescriptionNVD

A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manage_user. The manipulation of the argument firstname/middlename leads to cross site scripting. The attack can be launched remotely. The identifier VDB-234013 was assigned to this vulnerability.

AnalysisAI

A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manage_user. The manipulation of the argument firstname/middlename leads to cross site scripting. The attack can be launched remotely. The identifier VDB-234013 was assigned to this vulnerability. Affected products include: Oretnom23 Ac Repair And Services System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

CVE-2023-2656 CRITICAL POC
9.8 May 11

A vulnerability classified as critical has been found in SourceCodester AC Repair and Services System 1.0. Rated critica

CVE-2023-2413 MEDIUM POC
6.5 Apr 29

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. Rated medium severity (CVSS 6.5), this vu

CVE-2023-2411 MEDIUM POC
6.5 Apr 28

A vulnerability was found in SourceCodester AC Repair and Services System 1.0 and classified as critical.php. Rated medi

CVE-2023-2410 MEDIUM POC
6.5 Apr 28

A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as critical. Rated med

CVE-2023-2409 MEDIUM POC
6.5 Apr 28

A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Rated

CVE-2023-2408 MEDIUM POC
6.5 Apr 28

A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. R

CVE-2023-3678 CRITICAL
9.8 Jul 15

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. Rated critical severity (CVSS 9.8), this

CVE-2023-3661 CRITICAL
9.8 Jul 13

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. Rated critical severity (CVSS 9.8), this

CVE-2023-3658 CRITICAL
9.8 Jul 13

A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Rated

CVE-2023-3657 CRITICAL
9.8 Jul 13

A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0.ph

CVE-2023-3619 CRITICAL
9.8 Jul 11

A vulnerability was found in SourceCodester AC Repair and Services System 1.0 and classified as critical.php?f=save_serv

CVE-2023-2412 MEDIUM
6.5 Apr 29

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. Rated medium severity (CVSS 6.5), this vu

Share

CVE-2023-3659 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy