First published: Mon Mar 20 2023(Updated: )
A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the argument CATEGORY leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223411.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
E-commerce System Project E-commerce System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-1507 is a vulnerability found in SourceCodester E-Commerce System 1.0 that allows for cross-site scripting attacks through the Category Name Handler component.
CVE-2023-1507 has a severity level of 6.1, which is considered medium.
SourceCodester E-Commerce System 1.0 is affected by CVE-2023-1507.
CVE-2023-1507 is classified under CWE-79, which is Cross-Site Scripting (XSS).
To fix CVE-2023-1507, it is recommended to apply the latest patch or update provided by SourceCodester E-Commerce System Project.