CVE-2024-5312

Summary

CVE-2024-5312 is a vulnerability affecting PHP Server Monitor version 3.2.0. It allows for cross-site scripting (XSS) attacks through the /phpservermon-3.2.0/vendor/phpmailer/phpmailer/test_script/index.php page, specifically targeting all visible parameters. An attacker could exploit this vulnerability by sending a specially crafted URL to a victim, enabling them to retrieve session details. The risk score is 26, categorizing it as medium severity. The base score is 6.3 with low impact on integrity and confidentiality. The exploitability score is 2.8, requiring user interaction and network access but no privileges are required. The affected products are 'wJxc1H'. Remediation steps are not provided, and there is no analysis description available for this vulnerability at the moment. Note: The given text does not provide specific information about potential danger to an organization or how to remediate the vulnerability, which limits the ability to include those details in the summary report.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.