Cross-Site Scripting Vulnerability in Online Shop Store by Code Projects
CVE-2024-11243
6.1MEDIUM
What is CVE-2024-11243?
A vulnerability has been discovered in the Online Shop Store version 1.0, specifically in the /signup.php file. This security flaw arises when the 'm2' argument is manipulated with a malicious payload, allowing the execution of arbitrary JavaScript code. This could potentially lead to sensitive information exposure via cookies, as the attack can be executed remotely. The exploit has already been made public, increasing the urgency for users of this application to take appropriate security measures.