CVE-2024-7752
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Aug 14, 2024
Updated: Aug 19, 2024
CWE ID 79
Summary
CVE-2024-7752 is a newly disclosed vulnerability affecting the SourceCodester Clinics Patient Management System version 1.0. This issue, classified as problematic, resides in the /update_medicine.php file. Attackers can exploit this cross-site scripting (XSS) vulnerability by manipulating the medicine_name argument, allowing them to inject malicious code. The attack can be initiated remotely, making it a significant security risk. The exploit for this vulnerability has been made public, increasing the potential for widespread exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share