Vulnerability Description
Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oretnom23 | Toll Tax Management System | 1.0 |
Related Weaknesses (CWE)
References
- http://toll.com (Not Applicable)
- https://cyberredteam.tech/posts/cve-2023-36158/ (Exploit, Third Party Advisory)
- https://github.com/unknown00759/CVE-2023-36158/blob/main/CVE-2023-36158.md (Exploit, Third Party Advisory)
- https://www.sourcecodester.com/php/15304/toll-tax-management-system-phpoop-free- (Product)
FAQ
What is CVE-2023-36158?
CVE-2023-36158 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page.
How severe is CVE-2023-36158?
CVE-2023-36158 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2023-36158?
Check the references section above for vendor advisories and patch information. Affected products include: Oretnom23 Toll Tax Management System.