CVE-2023-3659
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk26th percentile — higher than 26% of all known CVEs
Summary
A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 that allows cross site scripting (XSS) attacks through manipulation of the firstname/middlename arguments in the file admin/?page=user/manage_user.
Risk Assessment
An attacker can remotely exploit this vulnerability, potentially leading to user data theft or session hijacking.
Recommendation
It is recommended to update the system to the latest version and implement input data filtering to prevent XSS attacks.
Original NVD description (English source)
A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manage_user. The manipulation of the argument firstname/middlename leads to cross site scripting. The attack can be launched remotely. The identifier VDB-234013 was assigned to this vulnerability.

