A vulnerability, which was classified as problematic, has been found in romadebrian WEB-Sekolah 1.0. Affected by this issue is some unknown functionality of the file /Admin/Proses_Edit_Akun.php of the component Backend. The manipulation of the argument Username_Baru/Password leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/2537463005/a/blob/main/WEB-Sekolah%E5%90%8E%E5%8F%B0%E5%AD%98%E5%82%A8%E5%9E%8Bxss.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.283088 | Permissions Required |
https://vuldb.com/?id.283088 | Third Party Advisory |
https://vuldb.com/?submit.429558 | Third Party Advisory |
Configurations
History
06 Nov 2024, 22:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/2537463005/a/blob/main/WEB-Sekolah%E5%90%8E%E5%8F%B0%E5%AD%98%E5%82%A8%E5%9E%8Bxss.md - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.283088 - Permissions Required | |
References | () https://vuldb.com/?id.283088 - Third Party Advisory | |
References | () https://vuldb.com/?submit.429558 - Third Party Advisory | |
CPE | cpe:2.3:a:romadebrian:web-sekolah:1.0:*:*:*:*:*:*:* | |
Summary |
|
|
First Time |
Romadebrian
Romadebrian web-sekolah |
|
CVSS |
v2 : v3 : |
v2 : 3.3
v3 : 4.8 |
05 Nov 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-05 14:15
Updated : 2024-11-06 22:43
NVD link : CVE-2024-10842
Mitre link : CVE-2024-10842
CVE.ORG link : CVE-2024-10842
JSON object : View
Products Affected
romadebrian
- web-sekolah