SourceCodester Medical Certificate Generator App New Record cross site scripting
CVE-2023-1006

5.4MEDIUM

Key Information:

Vendor: SourceCodester
Status: Medical Certificate Generator App
Vendor: CVE Published:; 24 February 2023

Summary

A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been classified as problematic. This affects an unknown part of the component New Record Handler. The manipulation of the argument Firstname/Middlename/Lastname/Suffix/Nationality/Doctor Fullname/Doctor Suffix with the input ">prompt(1) leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-221739.

Affected Version(s)

Medical Certificate Generator App 1.0

References

https://vuldb.com/?id.221739

vdb-entrytechnical-description

https://vuldb.com/?ctiid.221739

signature

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 24, 2023
Vulnerability Reserved
Feb 24, 2023

Credit

sk3l10x1ng (VulDB User)