Reflected Cross Site Scripting Vulnerability in PHPGurukul IFSC Code Finder
CVE-2024-51181

6.1MEDIUM

Key Information:

Vendor: PHPgurukul
Status: Ifsc Code Finder
Vendor: CVE Published:; 29 October 2024

Summary

A reflected Cross Site Scripting (XSS) vulnerability has been identified in the admin interface of PHPGurukul's IFSC Code Finder Project v1.0. This vulnerability permits remote attackers to execute arbitrary scripts by manipulating the 'searchifsccode' parameter. Exploitation of this flaw could lead to unauthorized actions on behalf of users, making it imperative for users to apply security best practices and seek immediate updates to safeguard their applications.

References

https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Ph...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 29, 2024