CVE-2024-9799
CVSS 3.1 Score 3.5 of 10 (low)
Details
Summary
CVE-2024-9799 identifies a cross-site scripting vulnerability in SourceCodester Profile Registration without Reload Refresh version 1.0, specifically affecting the functionality of the add.php file. This vulnerability allows an attacker to manipulate parameters such as email_address, address, company_name, job_title, and jobDescription, which can be exploited remotely. The risk is classified as low with a CVSS base score of 3.5; however, it requires user interaction for exploitation and can lead to partial integrity impact. Organizations using the affected product are advised to apply appropriate input validation and sanitization measures to mitigate the risk associated with this vulnerability. Public disclosure of the exploit increases the urgency for remediation to prevent potential attacks leveraging this flaw.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.