CVE-2023-5791: SourceCodester Sticky Notes App add-note.php cross site scripting
First published: Thu Oct 26 2023(Updated: )
A vulnerability, which was classified as problematic, was found in SourceCodester Sticky Notes App 1.0. This affects an unknown part of the file endpoint/add-note.php. The manipulation of the argument noteTitle/noteContent leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243597 was assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2023-5791.
What is the severity level of CVE-2023-5791?
The severity level of CVE-2023-5791 is medium.
What is the affected software of CVE-2023-5791?
The affected software of CVE-2023-5791 is SourceCodester Sticky Notes App 1.0.
What is the CWE category of CVE-2023-5791?
The CWE category of CVE-2023-5791 is CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
How can I fix CVE-2023-5791?
To fix CVE-2023-5791, it is recommended to apply the latest patch or update provided by the software vendor.
- agent/type
- agent/first-publish-date
- agent/author
- agent/references
- agent/title
- agent/severity
- agent/weakness
- collector/epss-latest
- source/FIRST
- agent/description
- agent/epss
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/tags
- agent/source
- vendor/remyandrade
- canonical/remyandrade sticky notes app
- version/remyandrade sticky notes app/1.0