CVE-2024-2553

A vulnerability, which was classified as problematic, was found in SourceCodester Product Review Rating System 1.0. Affected is an unknown function of the component Rate Product Handler. The manipulation of the argument Your Name/Comment leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257052.
Configurations

No configuration.

History

21 Nov 2024, 09:09

Type Values Removed Values Added
References () https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/CVE-2024-2553%20-%20Product%20Rating%20System%20-%20Cross-Site-Scripting.md - () https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/CVE-2024-2553%20-%20Product%20Rating%20System%20-%20Cross-Site-Scripting.md -
References () https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/Product%20Rating%20System%20-%20Cross-Site-Scripting-1.md - () https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/Product%20Rating%20System%20-%20Cross-Site-Scripting-1.md -
References () https://vuldb.com/?ctiid.257052 - () https://vuldb.com/?ctiid.257052 -
References () https://vuldb.com/?id.257052 - () https://vuldb.com/?id.257052 -
References () https://vuldb.com/?submit.298886 - () https://vuldb.com/?submit.298886 -

26 Mar 2024, 17:15

Type Values Removed Values Added
References
  • () https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/CVE-2024-2553%20-%20Product%20Rating%20System%20-%20Cross-Site-Scripting.md -
  • () https://vuldb.com/?submit.298886 -

21 Mar 2024, 02:52

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad fue encontrada en SourceCodester Product Review Rating System 1.0 y clasificada como problemática. Una función desconocida del componente Rate Product Handler es afectada por esta función. La manipulación del argumento Su nombre/comentario conduce a cross-site scripting. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede utilizarse. El identificador de esta vulnerabilidad es VDB-257052.

17 Mar 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-17 04:15

Updated : 2024-11-21 09:09


NVD link : CVE-2024-2553

Mitre link : CVE-2024-2553

CVE.ORG link : CVE-2024-2553


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')