CVE-2024-8583

A vulnerability was found in SourceCodester Online Bank Management System and Online Bank Management System - 1.0. It has been classified as problematic. This affects an unknown part of the file /mfeedback.php of the component Feedback Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link Resource
https://github.com/Niu-zida/cve/blob/main/Storage-optimized%20Cross-site%20scripting%20vulnerability.md Exploit Third Party Advisory
https://vuldb.com/?ctiid.276819 Permissions Required
https://vuldb.com/?id.276819 Permissions Required Third Party Advisory
https://vuldb.com/?submit.404611 Third Party Advisory VDB Entry
https://www.sourcecodester.com/ Product
Configurations

Configuration 1 (hide)

cpe:2.3:a:oretnom23:online_bank_management_system:1.0:*:*:*:*:*:*:*

History

10 Sep 2024, 15:49

Type Values Removed Values Added
First Time Oretnom23
Oretnom23 online Bank Management System
CPE cpe:2.3:a:oretnom23:online_bank_management_system:1.0:*:*:*:*:*:*:*
CVSS v2 : 4.0
v3 : 3.5
v2 : 4.0
v3 : 5.4
References () https://github.com/Niu-zida/cve/blob/main/Storage-optimized%20Cross-site%20scripting%20vulnerability.md - () https://github.com/Niu-zida/cve/blob/main/Storage-optimized%20Cross-site%20scripting%20vulnerability.md - Exploit, Third Party Advisory
References () https://vuldb.com/?ctiid.276819 - () https://vuldb.com/?ctiid.276819 - Permissions Required
References () https://vuldb.com/?id.276819 - () https://vuldb.com/?id.276819 - Permissions Required, Third Party Advisory
References () https://vuldb.com/?submit.404611 - () https://vuldb.com/?submit.404611 - Third Party Advisory, VDB Entry
References () https://www.sourcecodester.com/ - () https://www.sourcecodester.com/ - Product

09 Sep 2024, 13:03

Type Values Removed Values Added
Summary
  • (es) Se ha encontrado una vulnerabilidad en SourceCodester Online Bank Management System and Online Bank Management System - 1.0. Se ha clasificado como problemática. Afecta a una parte desconocida del archivo /mfeedback.php del componente Feedback Handler. La manipulación provoca cross site scripting. Es posible iniciar el ataque de forma remota. El exploit se ha hecho público y puede utilizarse.

08 Sep 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-08 22:15

Updated : 2024-09-10 15:49


NVD link : CVE-2024-8583

Mitre link : CVE-2024-8583

CVE.ORG link : CVE-2024-8583


JSON object : View

Products Affected

oretnom23

  • online_bank_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')