Cross-Site Scripting Vulnerability in Sourcecodester Laboratory Management System
CVE-2024-34231

7.1HIGH

Key Information:

Vendor
CVE Published:
14 May 2024

What is CVE-2024-34231?

A cross-site scripting (XSS) flaw exists in Sourcecodester's Laboratory Management System v1.0, where an attacker can leverage a crafted payload in the System Short Name parameter to execute arbitrary web scripts or HTML. This security issue poses risks to user data and the overall integrity of web applications, making it crucial for users to apply appropriate safeguards.

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

.