CVE-2024-5097
Severity:
MEDIUM
Type:
CWE-352
Cross-Site Request Forgery (CSRF)
Publication date:
19/05/2024
Last modified:
20/05/2024
Description
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Inventory System 1.0. Affected is an unknown function of the file /tableedit.php#page=editprice. The manipulation of the argument itemnumber leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265080.
Impact
Base Score 3.x
4.30
Severity 3.x
MEDIUM
Base Score 2.0
5.00
Severity 2.0
MEDIUM