CVE-2024-8154
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2024-8154 is a cross-site scripting vulnerability identified in SourceCodester QR Code Bookmark System version 1.0, specifically affecting the /endpoint/update-bookmark.php file within the Parameter Handler component. The vulnerability allows for remote exploitation through manipulation of the tbl_bookmark_id, name, or URL arguments. Affected products include x-PQPw and x-PxY1, which may expose organizations to potential data integrity issues and unauthorized actions if exploited. To remediate this vulnerability, it is essential to sanitize user inputs and implement proper validation techniques. The CVSS score for this vulnerability is rated at 5.4, indicating a medium severity level with low privileges required for exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.