CVE-2022-2363

SourceCodester Simple Parking Management System cross site scripting

CVSS 3.5 LOWEPSS 0.5%CWE-79

A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /ci_spms/admin/search/searching/. The manipulation of the argument search with the input "><script>alert("XSS")</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Affected products

SourceCodester · Simple Parking Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting%28Refelected%29/POC.md https://vuldb.com/?id.203420