CVE-2023-3989
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk42th percentile — higher than 42% of all known CVEs
Summary
A vulnerability was found in SourceCodester Jewelry Store System 1.0, rated as problematic. It affects some unknown functionality of the file add_customer.php, leading to cross-site scripting attacks.
Risk Assessment
An attacker may exploit this vulnerability remotely, posing a risk of session hijacking or data theft.
Recommendation
It is recommended to update the system to the latest version and implement input validation in the add_customer.php file to prevent XSS attacks.
Original NVD description (English source)
A vulnerability was found in SourceCodester Jewelry Store System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add_customer.php. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-235610 is the identifier assigned to this vulnerability.

