{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-4864", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Take-Note App 1.0. This affects an unknown part of the file index.php. The manipulation of the argument noteContent with the input leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239349 was assigned to this vulnerability." }, { "lang": "deu", "value": "Es wurde eine problematische Schwachstelle in SourceCodester Take-Note App 1.0 gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Datei index.php. Dank der Manipulation des Arguments noteContent mit der Eingabe mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross Site Scripting", "cweId": "CWE-79" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "SourceCodester", "product": { "product_data": [ { "product_name": "Take-Note App", "version": { "version_data": [ { "version_affected": "=", "version_value": "1.0" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://vuldb.com/?id.239349", "refsource": "MISC", "name": "https://vuldb.com/?id.239349" }, { "url": "https://vuldb.com/?ctiid.239349", "refsource": "MISC", "name": "https://vuldb.com/?ctiid.239349" }, { "url": "https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/", "refsource": "MISC", "name": "https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/" } ] }, "credits": [ { "lang": "en", "value": "gikaku (VulDB User)" } ], "impact": { "cvss": [ { "version": "3.1", "baseScore": 3.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "baseSeverity": "LOW" }, { "version": "3.0", "baseScore": 3.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "baseSeverity": "LOW" }, { "version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } }