Skip to main content

Improper Neutralization

CVE-2022-3453

Severity Medium
Score 5.4/10

Summary

A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /transcation.php. The manipulation of the argument buyer_name leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-210437 was assigned to this vulnerability.

  • LOW
  • NETWORK
  • LOW
  • CHANGED
  • REQUIRED
  • LOW
  • LOW
  • NONE

CWE-707 - Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

References

Advisory Timeline

  • Published