CVE-2024-5312

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published May 24, 2024
CWE ID 79

Summary

CVE-2024-5312 is a vulnerability affecting PHP Server Monitor version 3.2.0. It allows for cross-site scripting (XSS) attacks through the /phpservermon-3.2.0/vendor/phpmailer/phpmailer/test_script/index.php page, specifically targeting all visible parameters. An attacker could exploit this vulnerability by sending a specially crafted URL to a victim, enabling them to retrieve session details. The risk score is 26, categorizing it as medium severity. The base score is 6.3 with low impact on integrity and confidentiality. The exploitability score is 2.8, requiring user interaction and network access but no privileges are required. The affected products are 'wJxc1H'. Remediation steps are not provided, and there is no analysis description available for this vulnerability at the moment. Note: The given text does not provide specific information about potential danger to an organization or how to remediate the vulnerability, which limits the ability to include those details in the summary report.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-5312 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options