Cross-Site Scripting Vulnerability in Sourcecodester Laboratory Management System
CVE-2024-34231

7.1HIGH

Key Information:

Vendor: Sourcecodester
Status: Laboratory Management System
Vendor: CVE Published:; 14 May 2024

🔔 Create Sourcecodester Vulnerability Alert

What is CVE-2024-34231?

A cross-site scripting (XSS) flaw exists in Sourcecodester's Laboratory Management System v1.0, where an attacker can leverage a crafted payload in the System Short Name parameter to execute arbitrary web scripts or HTML. This security issue poses risks to user data and the overall integrity of web applications, making it crucial for users to apply appropriate safeguards.

References

https://github.com/Amrita2000/CVES/blob/main/CVE-2024-342...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024