CVE-2024-53365

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 26, 2024
CWE ID 79

Summary

CVE-2024-53365 is a stored cross-site scripting (XSS) vulnerability affecting the PHPGURUKUL Vehicle Parking Management System version 1.13. This issue is located in the /users/profile.php file, which enables authenticated users to inject malicious XSS scripts into the profile name field. Successful exploitation of this vulnerability could lead to the execution of malicious code on other users' browsers, potentially compromising their data or sessions. It is imperative that users and administrators of the PHPGURUKUL Vehicle Parking Management System upgrade to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • PHPGurukul Vehicle Parking Management System