CVE-2024-2071

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Mar 1, 2024
Updated: Dec 31, 2024
CWE ID 79

Summary

CVE-2024-2071 is a recently identified vulnerability affecting the SourceCodester FAQ Management System 1.0. The issue lies within the Update FAQ functionality, which is susceptible to cross-site scripting (XSS) attacks. Malicious actors can exploit this vulnerability by manipulating the Frequently Asked Question argument, allowing them to inject and execute malicious scripts in users' browsers. This attack can be launched remotely, posing a significant security risk. [VDB-255386] identifies this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share