CVE-2024-0190 | RRJ Nueva Ecija Engineer Online Portal 1.0 Quiz add_quiz.php Quiz Title/Quiz Description cross site scripting

Inserito da Angelo Barbosa | Gen 2, 2024 | CVE

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file add_quiz.php of the component Quiz Handler. The manipulation of the argument Quiz Title/Quiz Description with the input </title><scRipt>alert(x)</scRipt> leads to cross site scripting.

The identification of this vulnerability is CVE-2024-0190. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0190 | RRJ Nueva Ecija Engineer Online Portal 1.0 Quiz add_quiz.php Quiz Title/Quiz Description cross site scripting

Post correlati

CVE-2024-5273 | Report Info Plugin up to 1.2 on Jenkins Controller File System permission

CVE-2024-22230 | Dell Unity up to 5.3 cross site scripting (dsa-2024-042)

CVE-2024-31897 | IBM Cloud Pak for Business Automation up to 23.0.2 server-side request forgery (XFDB-288178)

CVE-2024-26749 | Linux Kernel up to 6.7.6 cdns3 cdns3_gadget_ep_disable use after free