itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the val-username, val-email, val-suggestions, val-digits and state_name parameters in travellers.php.
References
Configurations
No configuration.
History
07 Oct 2024, 19:37
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
07 Oct 2024, 17:48
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Oct 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-04 19:15
Updated : 2024-10-07 19:37
NVD link : CVE-2024-46077
Mitre link : CVE-2024-46077
CVE.ORG link : CVE-2024-46077
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')