PHPGurukul Bank Locker MS 1.0 Assign Locker XSS via ahname
CVE-2023-0563 Published on January 28, 2023
PHPGurukul Bank Locker Management System Assign Locker add-locker-form.php cross site scripting
A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file add-locker-form.php of the component Assign Locker. The manipulation of the argument ahname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219717 was assigned to this vulnerability.
Timeline
Advisory disclosed
CVE reserved
VulDB entry created
VulDB entry last update 28 days later.
Weakness Type
What is a XSS Vulnerability?
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVE-2023-0563 has been classified to as a XSS vulnerability or weakness.
Products Associated with CVE-2023-0563
stack.watch emails you whenever new vulnerabilities are published in Banklockermanagementsystemproject Bank Locker Management System or PHPGurukul Bank Locker Management System. Just hit a watch button to start following.
Affected Versions
PHPGurukul Bank Locker Management System Version 1.0 is affected by CVE-2023-0563Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.