CVE-2024-50839

Summary

CVE-2024-50839 is a stored Cross-Site Scripting (XSS) vulnerability identified in the /admin/add_subject.php file of the KASHIPARA E-learning Management System Project 1.0. This issue enables remote attackers to inject and execute malicious scripts by manipulating the subject_code and title parameters, potentially leading to unintended execution of malicious code in users' browsers. This vulnerability poses a significant risk to the confidentiality, integrity, and availability of data processing systems utilizing this software. Users are strongly advised to apply the necessary security patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.