Cross Site Scripting Vulnerability in code-projects Simple Admin Panel
CVE-2024-12930
5.3MEDIUM
What is CVE-2024-12930?
A vulnerability has been identified in the Simple Admin Panel version 1.0 developed by code-projects, specifically within the addCatController.php file. This issue arises from improper handling of user input, leading to cross site scripting (XSS) vulnerabilities when the argument 'c_name' is manipulated. Attackers can exploit this vulnerability to inject malicious scripts, which may be executed in the context of a user's browser, potentially compromising sensitive data and user sessions. The exploit can be initiated remotely, posing significant security risks for web applications utilizing this panel.
Affected Version(s)
Simple Admin Panel 1.0