CVE Catalog

CVE-2023-3989

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.56%

42th percentile — higher than 42% of all known CVEs

Summary

A vulnerability was found in SourceCodester Jewelry Store System 1.0, rated as problematic. It affects some unknown functionality of the file add_customer.php, leading to cross-site scripting attacks.

Risk Assessment

An attacker may exploit this vulnerability remotely, posing a risk of session hijacking or data theft.

Recommendation

It is recommended to update the system to the latest version and implement input validation in the add_customer.php file to prevent XSS attacks.

Original NVD description (English source)

A vulnerability was found in SourceCodester Jewelry Store System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add_customer.php. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-235610 is the identifier assigned to this vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS