Privilege Escalation Vulnerability in Sourcecodester Human Resource Management System
CVE-2024-34221

8.8 HIGH

Key Information:

Vendor
CVE Published: 14 May 2024

Summary

The Sourcecodester Human Resource Management System version 1.0 contains a vulnerability that arises from improper handling of user permissions, allowing an attacker to escalate their privileges. This enables unauthorized access to sensitive features and data within the system, posing significant risks to user confidentiality and data integrity. It highlights the importance of implementing strict permission controls and regular security assessments to mitigate potential threats.

References

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published
