CVSS 3.1 Score 5.4 of 10 (medium)


Published Jan 29, 2024
Updated: Mar 21, 2024


A cross-site scripting vulnerability, identified as CVE-2024-1010, has been discovered in SourceCodester Employee Management System 1.0. The vulnerability exists in the edit-profile.php file and can be exploited through the manipulation of arguments such as fullname, phone, date of birth, address, and date of appointment. This vulnerability allows for remote attacks to initiate cross-site scripting. The associated identifier for this vulnerability is VDB-252279. The base severity of this vulnerability is rated as MEDIUM with a CVSS score of 5.4. It is important for organizations using SourceCodester Employee Management System 1.0 to apply appropriate patches or updates to remediate this vulnerability and mitigate the potential risks it poses.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-1010 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options