CVE-2023-7160

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 29, 2023

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2023-7160 is a newly disclosed vulnerability affecting the SourceCodester Engineers Online Portal 1.0. This issue, identified as VDB-249182, is considered problematic and impacts the Add Engineer Handler component's unknown functionality. Attackers can exploit this cross-site scripting (XSS) vulnerability by manipulating the first name/last name input with <script>alert(0)</script>. The exploit allows remote attacks, making it a significant concern. The vulnerability details have been made public, increasing the risk of potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t89nOp
https://www.cve.org/CVERecord?id=CVE-2023-7160
https://nvd.nist.gov/vuln/detail/CVE-2023-7160

Back to Vulnerability Database

CVE-2023-7160

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations