Cross Site Scripting Vulnerability in Simple Online Bidding System 1.0
CVE-2024-5437

6.1MEDIUM

Key Information:

Vendor: SourceCodester
Status: Simple Online Bidding System
Vendor: CVE Published:; 29 May 2024

Summary

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as problematic. Affected is the function save_category of the file /admin/index.php?page=categories. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266442 is the identifier assigned to this vulnerability.

References

https://vuldb.com/?id.266442

https://vuldb.com/?ctiid.266442

https://vuldb.com/?submit.345066

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 29, 2024