CVE-2024-0189 | RRJ Nueva Ecija Engineer Online Portal 1.0 Create Message teacher_message.php Content cross site scripting

Posted by Angelo Barbosa | Jan 2, 2024 | CVE

A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file teacher_message.php of the component Create Message Handler. The manipulation of the argument Content with the input </title><scRipt>alert(x)</scRipt> leads to cross site scripting.

This vulnerability was named CVE-2024-0189. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0189 | RRJ Nueva Ecija Engineer Online Portal 1.0 Create Message teacher_message.php Content cross site scripting

Related Posts

CVE-2024-45758 | h2oai H2O up to 3.46.0.4 JDBC Connection connection_url deserialization

CVE-2024-39203 | Z-BlogPHP 1.7.3 Theme Management Module cross site scripting

CVE-2024-20065 | MediaTek MT6989 Telephony information disclosure (ALPS08698617)

CVE-2024-4256 | Techkshetra Info Solutions Savsoft Quiz 6.0 Category Page editCategory category_name cross site scripting