Reflected XSS Vulnerability in PHPGurukul IFSC Code Finder
CVE-2024-51180

6.1MEDIUM

Key Information:

Vendor: PHPgurukul
Status: Ifsc Code Finder
Vendor: CVE Published:; 29 October 2024

Summary

A reflected cross-site scripting (XSS) vulnerability exists in the PHPGurukul IFSC Code Finder Project v1.0, specifically within the /ifscfinder/index.php file. This flaw allows remote attackers to inject and execute arbitrary scripts by exploiting the 'searchifsccode' parameter. The vulnerability can lead to unauthorized access and manipulation of sensitive user data, highlighting the critical need for users to protect their applications from such security threats.

References

https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Ph...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 29, 2024