A vulnerability was found in Rukovoditel up to 3.5.2 and classified as problematic. This issue affects some unknown processing of the file index.php?module=users/registration&action=save. The manipulation of the argument user_photo leads to cross site scripting.
The identification of this vulnerability is CVE-2024-34469. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.