CVE-2024-2072
CVSS 3.1 Score 9.1 of 10 (high)
Details
Summary
CVE-2024-2572 is a newly disclosed vulnerability affecting the SourceCodester Flashcard Quiz App 1.0. This issue lies in the /endpoint/update-flashcard.php file and is classified as problematic. attackers can exploit this cross-site scripting (XSS) flaw by manipulating the question/answer argument. The vulnerability can be exploited remotely, allowing attackers to inject malicious scripts into unsuspecting users' browsers. The exploit for this vulnerability (VDB-255387) has been made public, increasing the risk of attacks. Users are strongly encouraged to update their applications as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Commerce
Affected Vendors
- Adobe