Description
A vulnerability has been found in SourceCodester Online Timesheet App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /endpoint/add-timesheet.php of the component Add Timesheet Form. The manipulation of the argument day/task leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
References
ExploitThird Party Advisory
https://vuldb.com/?ctiid.278824
Permissions Required
Third Party Advisory
https://vuldb.com/?submit.413331
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2024-09-29T00:15:03.093
2 weeks agoLast modified
2024-10-01T13:28:52.407
1 week ago