CVE-2024-2521

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Published Mar 16, 2024
Updated: May 17, 2024
CWE ID 79

Summary

CVE-2024-2521 is a newly discovered vulnerability affecting the MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0. This issue, rated as problematic, impacts an unspecified functionality within the file /admin/bookdate.php. The manipulation of the id argument results in cross-site scripting, allowing remote attackers to inject malicious code. The exploit for this vulnerability, identified as VDB-256958, has been made public, increasing the risk of exploitation. Despite early notification, the vendor has not responded to disclose a patch or mitigation measure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share