CVE-2024-8137

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Aug 24, 2024
Updated: Aug 27, 2024
CWE ID 79

Summary

CVE-2024-8137 is a vulnerability identified in SourceCodester Record Management System version 1.0, specifically affecting the file search_user.php, where improper handling of the search argument can lead to cross-site scripting (XSS) attacks. This vulnerability allows attackers to exploit it remotely with low complexity, requiring user interaction for successful execution. Organizations using this system may face medium severity risks, as it has a CVSS base score of 6.1, indicating potential impacts on integrity and confidentiality. To remediate this vulnerability, it is crucial for users to apply updates or patches provided by the vendor as soon as they become available. Failure to address this issue could expose sensitive data and compromise user interactions on affected systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share