cve/2023/CVE-2023-36159.md

### [CVE-2023-36159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36159)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page.

### POC

#### Reference
- https://cyberredteam.tech/posts/cve-2023-36159/

#### Github
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/unknown00759/CVE-2023-36159
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-36159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36159)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page.`

			`### POC`

			`#### Reference`
			`- https://cyberredteam.tech/posts/cve-2023-36159/`

			`#### Github`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/unknown00759/CVE-2023-36159`