CVE-2023-49971

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customer_support/index.php?page=customer_list.

geraldoalcantara/CVE-2023-49971
geraldoalcantara/CVE-2023-49971
Customer Support System 1.0 - (XSS) Cross-Site Scripting Vulnerability in the "firstname" parameter at "customer_list
GitHubGitHub