Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-28277

Published: 14/05/2024 Updated: 14/05/2024

Vulnerability Summary

In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subject_name= parameter, enabling Stored Cross-Site Scripting (XSS) attacks. This vulnerability allows malicious users to manipulate the subject's name, potentially leading to the execution of malicious JavaScript payloads.

Vulnerability Trend

Github Repositories

https://github.com/unrealjbr/CVE-2024-28277

CVE-2024-28277

[Suggested description] In Sourcecodester School Task Manager v10, a vulnerability was identified within the subject_name= parameter, enabling Stored Cross-Site Scripting (XSS) attacks This vulnerability allows attackers to manipulate the subject's name, leading the execution of malicious JavaScript payloads [Vulnerability Type] Cross Site Scripting (XSS) [Vendor of P

References

https://www.sourcecodester.com/download-code?nid=16877&title=School+Task+Manager+Using+PHP+with+Source+Codehttps://github.com/unrealjbr/CVE-2024-28277https://nvd.nist.govhttps://github.com/unrealjbr/CVE-2024-28277
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook