CVE-2024-53365
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2024-53365 is a stored cross-site scripting (XSS) vulnerability affecting the PHPGURUKUL Vehicle Parking Management System version 1.13. This issue is located in the /users/profile.php file, which enables authenticated users to inject malicious XSS scripts into the profile name field. Successful exploitation of this vulnerability could lead to the execution of malicious code on other users' browsers, potentially compromising their data or sessions. It is imperative that users and administrators of the PHPGURUKUL Vehicle Parking Management System upgrade to a patched version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- PHPGurukul Vehicle Parking Management System