CVE-2024-3532
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-3532 is a newly discovered vulnerability affecting the Campcodes Complete Online Student Management System version 1.0. The issue lies within an unknown function of the attendance_view.php file, which can be exploited through manipulation of the argument "FirstRecord." This vulnerability results in cross-site scripting, allowing an attacker to inject malicious code and potentially take control of user sessions. The attack can be executed remotely, increasing the risk for widespread exploitation. The vulnerability has been made public, increasing the urgency for affected organizations to apply patches or mitigations. (VDB-259902)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.