SourceCodester Online Medicine Ordering System cross site scripting
CVE-2022-3716

3.5LOW

Key Information:

Vendor: Sourcecodester
Status: Online Medicine Ordering System
Vendor: CVE Published:; 27 October 2022

Summary

A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-212347.

Affected Version(s)

Online Medicine Ordering System 1.0

References

https://vuldb.com/?id.212347

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2022
Vulnerability Reserved
Oct 27, 2022