Cross Site Scripting Vulnerability in SourceCodester Insurance Management System 1.0
CVE-2024-7225

5.4MEDIUM

Key Information:

Vendor: SourceCodester
Status: Insurance Management System
Vendor: CVE Published:; 30 July 2024

Summary

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /Script/admin/core/update_policy of the component Edit Insurance Policy Page. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272805 was assigned to this vulnerability.

References

https://vuldb.com/?id.272805

https://vuldb.com/?ctiid.272805

https://vuldb.com/?submit.380967

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 30, 2024