CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2023-3309: SourceCodester Resort Reservation System Manage Room Page ?page=rooms cross site scripting

3.5 CVSS

Description

A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file ?page=rooms of the component Manage Room Page. The manipulation of the argument Cottage Number leads to cross site scripting. The attack can be launched remotely. The identifier VDB-231805 was assigned to this vulnerability. In SourceCodester Resort Reservation System 1.0 wurde eine problematische Schwachstelle entdeckt. Es geht um eine nicht näher bekannte Funktion der Datei ?page=rooms der Komponente Manage Room Page. Mit der Manipulation des Arguments Cottage Number mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen.

Classification

CVE ID: CVE-2023-3309

CVSS Base Severity: LOW

CVSS Base Score: 3.5

Affected Products

Vendor: SourceCodester

Product: Resort Reservation System

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.09% (probability of being exploited)

EPSS Percentile: 40.49% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://vuldb.com/?id.231805
https://vuldb.com/?ctiid.231805
https://kr1shna4garwal.github.io/posts/cve-poc-2023/#cve-2023-3309

Timeline

2024-12-19 00:30:32 UTC
CVE

SourceCodester Resort Reservation System Manage Room Page ?page=rooms cross site scripting