Cross Site Scripting Vulnerability in Insurance Management System
CVE-2024-31065

Currently unrated

Key Information:

Vendor: Vendor Name
Status: Insurance Management System
Vendor: CVE Published:; 28 March 2024

🔔 Create Vendor Name Vulnerability Alert

What is CVE-2024-31065?

A Cross Site Scripting (XSS) vulnerability exists in the Insurance Management System that enables a remote attacker to inject malicious scripts through the City input field. This flaw can lead to arbitrary code execution, allowing attackers to manipulate user sessions or gain access to sensitive data. Organizations using versions 1.0.0 and earlier of this system should take immediate action to mitigate potential risks associated with this vulnerability.

References

https://portswigger.net/web-security/cross-site-scripting...

https://owasp.org/www-community/attacks/xss/

https://github.com/sahildari/cve/blob/master/CVE-2024-310...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 28, 2024
Vulnerability Reserved
Mar 27, 2024