CVE-2023-5585

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 15, 2023

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2023-5585 is a newly disclosed vulnerability affecting the SourceCodester Online Motorcycle Rental System 1.0. Specifically, the Bike List component's /admin/?page=bike file contains a cross-site scripting (XSS) issue. By manipulating the "Model" argument with the input "<script>confirm (document.cookie)</script>", an attacker can execute malicious scripts in a user's browser. This vulnerability can be exploited remotely and its existence has been made public. Vulnerability database VDB assigns the identifier VDB-242170 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tAW0lP
https://www.cve.org/CVERecord?id=CVE-2023-5585
https://nvd.nist.gov/vuln/detail/CVE-2023-5585

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2023-5585

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations