CVE-2024-1871

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 26, 2024

Updated: Dec 23, 2024

CWE ID 79

Summary

CVE-2024-1871 is a newly disclosed vulnerability affecting the SourceCodester Employee Management System 1.0. This issue lies in an unidentified function within the /process/assignp.php component's Project Assignment Report. The vulnerability allows an attacker to execute cross site scripting (XSS) attacks by manipulating the pname argument. The exploit can be carried out remotely, increasing the risk to users. The vulnerability has been made public, and it is recommended that affected systems be updated as soon as possible to mitigate the threat. (VDB-254694)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uolG0x
https://www.cve.org/CVERecord?id=CVE-2024-1871
https://nvd.nist.gov/vuln/detail/CVE-2024-1871

Back to Vulnerability Database

CVE-2024-1871

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations