CVE-2024-7685

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Aug 12, 2024
Updated: Aug 20, 2024
CWE ID 79

Summary

CVE-2024-7685 is a newly disclosed vulnerability affecting the SourceCodester Kortex Lite Advocate Office Management System version 1.0. This issue lies within the file adds.php, and it permits cross-site scripting (XSS) attacks. Attackers can exploit this vulnerability by manipulating the argument names, such as dob, email, mobile, and address, and launch remote attacks. The exploit for this weakness has been publicly disclosed, increasing the risk of successful attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share