CVE-2023-48903 Information

Description

Stored Cross-Site Scripting (XSS) vulnerability in tramyardg autoexpress 1.3.0 allows remote unauthenticated attackers to inject arbitrary web script or HTML within parameter \imgType\ via in uploadCarImages.php.

Reference

https://packetstormsecurity.com/files/177662/Tramyardg-Autoexpress-1.3.0-Cross-Site-Scripting.html