CVE-2024-2071
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Mar 1, 2024
Updated: Dec 31, 2024
CWE ID 79
Summary
CVE-2024-2071 is a recently identified vulnerability affecting the SourceCodester FAQ Management System 1.0. The issue lies within the Update FAQ functionality, which is susceptible to cross-site scripting (XSS) attacks. Malicious actors can exploit this vulnerability by manipulating the Frequently Asked Question argument, allowing them to inject and execute malicious scripts in users' browsers. This attack can be launched remotely, posing a significant security risk. [VDB-255386] identifies this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Adobe Commerce
Affected Vendors
- Adobe