CVE-2023-3144 LOW

CVE-2023-3144: SourceCodester Online Discussion Forum Site manage_post.php cross site scripting

Vendor Sourcecodester

Product Online Discussion Forum Site

Weakness CWE-79 · XSS

Published June 7, 2023

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

3.5/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability classified as problematic was found in SourceCodester Online Discussion Forum Site 1.0. Affected by this vulnerability is an unknown functionality of the file admin\posts\manage_post.php. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231013 was assigned to this vulnerability.

Key dates

02Disclosure timeline

June 7, 2023 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-3144

Related vulnerabilities

04Related CVE

CVE-2026-35015 Open ISES Tickets < 3.44.2 Reflected XSS via do_unit_mail.php the_ticket Parameter CVE-2025-36436 Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026. CVE-2024-34356 TYPO3 vulnerable to Cross-Site Scripting in the Form Manager Module CVE-2025-8510 Portabilis i-Educar educar_matricula_lst.php Gerar cross site scripting CVE-2025-54890 A user with elevated privileges can inject XSS in the Hostgroups configuration page