CVE-2024-9803

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Oct 10, 2024

Updated: Oct 15, 2024

CWE ID 79

Summary

CVE-2024-9803 identifies a vulnerability in the Blood Bank Management System version 1.0, specifically affecting the blooddetails.php file, where manipulation of the "Availibility" argument can lead to cross-site scripting (XSS) attacks. This vulnerability allows remote attackers to exploit the system, potentially impacting other parameters as well. The severity of this issue has been classified as low, with an exploitability score of 2.1 and a base score of 3.5 on the CVSS scale. To remediate this vulnerability, it is recommended that organizations update their application code to properly sanitize inputs to prevent XSS attacks. If exploited, this could lead to integrity issues within affected systems while posing minimal risk to confidentiality and availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database