Arbitrary Web Scripts Execution Vulnerability in Laboratory Management System
CVE-2024-35583
6.1MEDIUM
What is CVE-2024-35583?
The vulnerability in the Sourcecodester Laboratory Management System version 1.0 permits attackers to inject malicious scripts through the Remarks input field. This exploitation allows the execution of arbitrary web scripts or HTML, posing significant risks to users by potentially stealing sensitive information and session cookies. Proper validation and sanitization of user input are essential to mitigate this risk effectively.