CVE-2024-6955

Summary

CVE-2024-6955 is a newly disclosed vulnerability affecting the SourceCodester Record Management System version 1.0. This issue, classified as problematic, resides in an unknown function of the file sort2.php. By manipulating argument qualifications, attackers can execute cross-site scripting (XSS) attacks, making it possible for them to inject malicious code and gain unauthorized access to user data. The vulnerability can be exploited remotely, meaning an attacker does not require any prior access to the affected system. With the exploit publicly disclosed, the risk of attacks is heightened, making it essential for users to apply the necessary patches or updates as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.