Cross-site Scripting Vulnerability in GS Coaches by GS Plugins
CVE-2024-56262
6.5MEDIUM
What is CVE-2024-56262?
A Stored Cross-site Scripting (XSS) vulnerability exists in the GS Coaches product developed by GS Plugins, allowing an attacker to inject malicious scripts into web pages viewed by users. This security flaw can lead to unauthorized actions taken by users without their consent, compromising the security of the web application. Effective input sanitization measures are essential to mitigate the risk posed by this vulnerability, particularly for versions of GS Coaches prior to 1.1.0.
Affected Version(s)
GS Coaches <= 1.1.0