CVE-2024-2998

CVSS 3.1 Score 2.4 of 10 (low)

Details

Published Mar 27, 2024
Updated: Mar 28, 2024
CWE ID 79

Summary

CVE-2024-2998 is a vulnerability found in the Bdtask Multi-Store Inventory Management System up to version 20240320. It is classified as a cross-site scripting (XSS) vulnerability in the Store Update Page component. This vulnerability allows remote attackers to manipulate the Store Name/Store Address argument and launch an attack. The exploit has been publicly disclosed and is considered problematic. The vendor was notified but did not respond. The risk score for this vulnerability is 5, indicating a significant potential danger to organizations using this system. Remediation should involve updating to a patched version of the software as soon as it becomes available.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-2998 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options