CVE-2024-8154

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Aug 25, 2024
Updated: Aug 26, 2024
CWE ID 79

Summary

CVE-2024-8154 is a cross-site scripting vulnerability identified in SourceCodester QR Code Bookmark System version 1.0, specifically affecting the /endpoint/update-bookmark.php file within the Parameter Handler component. The vulnerability allows for remote exploitation through manipulation of the tbl_bookmark_id, name, or URL arguments. Affected products include x-PQPw and x-PxY1, which may expose organizations to potential data integrity issues and unauthorized actions if exploited. To remediate this vulnerability, it is essential to sanitize user inputs and implement proper validation techniques. The CVSS score for this vulnerability is rated at 5.4, indicating a medium severity level with low privileges required for exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share