CVE-2024-9083

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Sep 22, 2024
Updated: Sep 27, 2024
CWE ID 79

Summary

CVE-2024-9083 is a cross-site scripting vulnerability in SourceCodester Employee Management System version 1.0, affecting the file /Admin/add-admin.php. Manipulating the txtfullname argument leads to cross-site scripting, and the attack can be launched remotely. The CVSS base score is 4.8 (medium severity): confidentiality and integrity impacts are low, and successful exploitation requires high privileges and user interaction. To remediate this issue, organizations should sanitize user inputs and implement proper security measures to prevent cross-site scripting attacks. The vulnerability has been publicly disclosed, which increases the risk of exploitation in vulnerable systems.
