A vulnerability classified as problematic was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected by this vulnerability is an unknown functionality of the file add_act.php. The manipulation of the argument aname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/samwbs/kortexcve/blob/main/xss_add_act/XSS_add_act.md | Exploit |
https://vuldb.com/?ctiid.274141 | Permissions Required |
https://vuldb.com/?id.274141 | Third Party Advisory |
https://vuldb.com/?submit.389163 | Third Party Advisory |
Configurations
History
20 Aug 2024, 13:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mayurik:advocate_office_management_system:1.0:*:*:*:*:*:*:* | |
Summary |
|
|
References | () https://github.com/samwbs/kortexcve/blob/main/xss_add_act/XSS_add_act.md - Exploit | |
References | () https://vuldb.com/?ctiid.274141 - Permissions Required | |
References | () https://vuldb.com/?id.274141 - Third Party Advisory | |
References | () https://vuldb.com/?submit.389163 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 5.4 |
First Time |
Mayurik advocate Office Management System
Mayurik |
12 Aug 2024, 13:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-12 13:38
Updated : 2024-08-20 13:53
NVD link : CVE-2024-7684
Mitre link : CVE-2024-7684
CVE.ORG link : CVE-2024-7684
JSON object : View
Products Affected
mayurik
- advocate_office_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')