CVE-2023-1853 LOW

CVE-2023-1853: SourceCodester Online Payroll System employee_edit.php cross site scripting

Vendor Sourcecodester
Product Online Payroll System
Weakness CWE-79 · XSS
Published April 5, 2023
Last update February 10, 2025
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Payroll System 1.0. This issue affects some unknown processing of the file /admin/employee_edit.php. The manipulation of the argument of leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224993 was assigned to this vulnerability.

Key dates

02Disclosure timeline

April 5, 2023 CVE published
February 10, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-5975 PHPGurukul Rail Pass Management System download-pass.php cross site scripting CVE-2024-37956 WordPress VK All in One Expansion Unit plugin <= 9.99.1.0 - Cross Site Scripting (XSS) vulnerability CVE-2025-64495 Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE CVE-2024-22168 Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps CVE-2018-0327