First published: Tue Feb 07 2023(Updated: )
A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is the function registration of the file oews/classes/Users.php of the component POST Request Handler. The manipulation of the argument firstname/middlename/lastname/email/contact leads to cross site scripting. The attack can be launched remotely. The identifier VDB-220369 was assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Online Eyewear Shop Project Online Eyewear Shop | =1.0 | |
Oretnom23 Online Eyewear Shop | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-0732.
The severity of CVE-2023-0732 is medium with a CVSS score of 6.1.
The affected software is SourceCodester Online Eyewear Shop 1.0.
CVE-2023-0732 is a cross-site scripting vulnerability in the registration function of the oews/classes/Users.php file of SourceCodester Online Eyewear Shop 1.0, which allows attackers to manipulate user-input fields.
To fix CVE-2023-0732, it is recommended to update to a patched version of SourceCodester Online Eyewear Shop.