VYPR
leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227463.","additionalType":"https://schema.org/SoftwareApplication","sameAs":["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2293"]},"keywords":"CVE-2023-2293, Sourcecodester Purchase Order Management System, Sourcecodester Purchase Order Management System","mentions":[{"@type":"SoftwareApplication","name":"Purchase Order Management System","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Sourcecodester"}},{"@type":"SoftwareApplication","name":"Purchase Order Management System","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Sourcecodester"}}],"isAccessibleForFree":true},{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://portal.vyprsec.ai/"},{"@type":"ListItem","position":2,"name":"CVEs","item":"https://portal.vyprsec.ai/cves"},{"@type":"ListItem","position":3,"name":"CVE-2023-2293","item":"https://portal.vyprsec.ai/cves/CVE-2023-2293"}]}]}
Unrated severityNVD Advisory· Published Apr 25, 2023· Updated Aug 2, 2024

SourceCodester Purchase Order Management System cross site scripting

CVE-2023-2293

Description

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been classified as problematic. This affects an unknown part of the file classes/Master.php?f=save_item. The manipulation of the argument description with the input leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227463.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.