CVE-2023-3989

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 28, 2023

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2023-3989: A critical cross-site scripting (XSS) vulnerability was identified in the SourceCodester Jewelry Store System 1.0. This issue, rated as problematic, impacts an unspecified functionality within the file add_customer.php. Malicious actors can exploit this flaw to inject and execute malicious scripts in users' browsers during transactions. The attack can be carried out remotely, potentially leading to data theft or unauthorized system access. (VDB-235610)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sI03TO
https://www.cve.org/CVERecord?id=CVE-2023-3989
https://nvd.nist.gov/vuln/detail/CVE-2023-3989

Back to Vulnerability Database

CVE-2023-3989

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations