CVE-2024-8084

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Aug 22, 2024
Updated: Aug 27, 2024
CWE ID 79

Summary

CVE-2024-8084 is a cross-site scripting vulnerability found in SourceCodester Online Computer and Laptop Store version 1.0, specifically affecting the SystemSettings.php file during the update_settings process. This vulnerability allows for remote exploitation through manipulation of the "System Name" argument, potentially enabling unauthorized access to sensitive information. The impact score is rated at 4.8 with a medium severity classification, and it requires high privileges and user interaction to exploit successfully. To mitigate this risk, organizations should implement proper input validation and update their systems to a patched version if available. If left unaddressed, this vulnerability could facilitate attacks that compromise user data or system integrity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share