CVE-2024-2530

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Mar 16, 2024
Updated: May 17, 2024
CWE ID 94

Summary

CVE-2024-2530 is a newly disclosed vulnerability affecting the MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0. The issue, rated as problematic, is linked to the processing of the file /admin/update-rooms.php. An attacker can manipulate the argument id to execute cross-site scripting (XSS) attacks remotely. The vulnerability details have been made public, increasing the risk of exploitation. The associated identifier for this issue is VDB-256966. Unfortunately, the vendor was not responsive to early disclosure attempts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share