CVE-2023-3318
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk41th percentile — higher than 41% of all known CVEs
Summary
A vulnerability was found in SourceCodester Resort Management System 1.0 that leads to cross-site scripting (XSS) attacks through manipulation of the 'page' argument. The attack can be launched remotely.
Risk Assessment
This vulnerability may allow attackers to inject malicious JavaScript code into the application, potentially leading to user data theft or session hijacking.
Recommendation
It is recommended to update the system to the latest version and implement appropriate input sanitization filters to prevent XSS attacks.
Original NVD description (English source)
A vulnerability was found in SourceCodester Resort Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231937 was assigned to this vulnerability.

