CVE-2024-45528

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 2, 2024
Updated: Sep 3, 2024
CWE ID 79

Summary

CVE-2024-45528 is a vulnerability found in CodeAstro MembershipM-PHP (Membership Management System in PHP) version 1.0, which allows for stored cross-site scripting (XSS) via the add_members.php fullname field. This vulnerability has a medium severity rating with a CVSS base score of 5.4, requiring low privileges and user interaction to exploit. The potential danger posed to organizations includes the risk of attackers executing malicious scripts that could compromise user data or manipulate web content. To remediate this issue, it is recommended that affected users sanitize and validate input fields to prevent XSS attacks. For more details, further information can be accessed through the relevant documentation available on GitHub.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share