Vulnerabilities > CVE-2023-4864 - Unspecified vulnerability in Take-Note APP Project Take-Note APP 1.0

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

take-note-app-project

NVD

Published: 2023-09-09

Updated: 2024-11-21

Summary

A vulnerability, which was classified as problematic, was found in SourceCodester Take-Note App 1.0. This affects an unknown part of the file index.php. The manipulation of the argument noteContent with the input <script>alert('xss')</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239349 was assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Take-Note_App_Project Take Note APP Project Take Note APP 1.0	1

References

https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/
https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/
https://vuldb.com/?ctiid.239349
https://vuldb.com/?ctiid.239349
https://vuldb.com/?id.239349
https://vuldb.com/?id.239349