CVE-2022-3503 SourceCodester's Supplier Handler has a vulnerability that is revealed as problematic.

This issue may lead to stealing data, posting malicious messages to the supplier. Data may be misused in various ways. The attack may be exploited by a remote hacker. The vulnerability must be corrected. Risk of exploitation: High/Critical. Fix: Upgrade to version 1.1 or higher. Vulnerable software: Supplier Handler.

Summary

This issue has been patched by the vendor. Users are urged to upgrade to version 1.1 or higher.

Supply Chain Attack – CVE-2023-3504

This issue may lead to stealing data, posting malicious messages to the supplier. Data may be misused in various ways. The attack may be exploited by a remote hacker. The vulnerability must be corrected. Risk of exploitation: High/Critical. Fix: Upgrade to version 1.1 or higher. Vulnerable software: Supplier Handler

Timeline

Published on: 10/14/2022 11:15:00 UTC
Last modified on: 10/15/2022 02:32:00 UTC

References

• https://github.com/DisguisedRoot/Exploit/blob/main/Persistent%20XSS/PoC
• https://vuldb.com/?id.210832
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3503