CVE-2024-53481
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-53481 is a Cross-Site Scripting (XSS) vulnerability affecting the profile.php file in the PHPGurukul Beauty Parlour Management System version 1.1. This issue enables remote attackers to inject arbitrary HTML code into the "Firstname" and "Last name" parameters, allowing them to execute malicious scripts in the browsers of unsuspecting users. Successful exploitation of this vulnerability could lead to data theft, unauthorized account access, or even complete system takeover. Users are encouraged to apply the necessary patches or upgrades to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Phpgurukul Beauty Parlour Management System