CVE-2024-7752

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Aug 14, 2024
Updated: Aug 19, 2024
CWE ID 79

Summary

CVE-2024-7752 is a newly disclosed vulnerability affecting the SourceCodester Clinics Patient Management System version 1.0. This issue, classified as problematic, resides in the /update_medicine.php file. Attackers can exploit this cross-site scripting (XSS) vulnerability by manipulating the medicine_name argument, allowing them to inject malicious code. The attack can be initiated remotely, making it a significant security risk. The exploit for this vulnerability has been made public, increasing the potential for widespread exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share