CVE-2024-55059

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 17, 2024

Updated: Dec 18, 2024

CWE ID 79

Summary

CVE-2024-55059 is a stored HTML Injection vulnerability affecting PHPGurukul Online Birth Certificate System version 1.0, specifically in the certificate-form.php file. An attacker can exploit this vulnerability by injecting malicious HTML code into input fields, which could result in unintended execution of malicious scripts in the user's browser. This could lead to information disclosure, session hijacking, or other unauthorized actions. Users are advised to update their systems to address this issue and practice input validation techniques to prevent similar vulnerabilities.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1TuiRH
https://www.cve.org/CVERecord?id=CVE-2024-55059
https://nvd.nist.gov/vuln/detail/CVE-2024-55059

Back to Vulnerability Database

CVE-2024-55059

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations