CVE-2024-5413

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published May 28, 2024
CWE ID 79

Summary

CVE-2024-5413 is a vulnerability that affects PhpMyBackupPro version 2.3. This vulnerability allows an attacker to execute XSS (Cross-site Scripting) through the /phpmybackuppro/scheduled.php page by manipulating all parameters. By creating a specially crafted URL and sending it to a victim, the attacker can retrieve their session details. The base severity of this vulnerability is rated as HIGH and it has a base score of 7.1 according to the CVSS:3.1 scoring system. The risk score associated with this vulnerability is 26, indicating its potential danger to organizations. Remediation for this vulnerability would involve updating PhpMyBackupPro to a version that addresses the issue or implementing additional security measures to mitigate the risk of XSS attacks.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-5413 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options