Cross Site Scripting Vulnerability in Best Courier Management System by BestTech
CVE-2023-46451

5.4MEDIUM

Key Information:

Vendor: Mayurik
Status: Best Courier Management System
Vendor: CVE Published:; 31 October 2023

Badges

👾 Exploit Exists

What is CVE-2023-46451?

The Best Courier Management System version 1.0 is susceptible to a Cross Site Scripting (XSS) vulnerability during the change username process. This flaw can allow an attacker to inject malicious scripts, potentially compromising user sessions or redirecting users to malicious sites. It emphasizes the need for secure input validation and output encoding in web applications to mitigate such risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://youtu.be/f8B3_m5YfqI

https://github.com/sajaljat/CVE-2023-46451

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 31, 2023
🟡
Public PoC available
Oct 26, 2023
👾
Exploit known to exist
Oct 26, 2023
Vulnerability Reserved
Oct 23, 2023

JSON

Mayurik