CVE-2024-8208 | nafisulbari/itsourcecode Insurance Management System 1.0 editClient.php AGENT ID cross site scripting

Posted by Angelo Barbosa | Aug 27, 2024 | CVE

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting.

This vulnerability is known as CVE-2024-8208. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8208 | nafisulbari/itsourcecode Insurance Management System 1.0 editClient.php AGENT ID cross site scripting

Related Posts

CVE-2024-8327 | Hwa Jiuh Digital Technology Easy Test Online Learning and Testing Platform prior 24A01 page sql injection

CVE-2024-10969 | 1000 Projects Bookstore Management System 1.0 Login /admin/login_process.php unm sql injection

CVE-2024-2963 | marubon Pocket News Generator Plugin up to 0.2.0 on WordPress Setting Consumer Key/Access Token cross site scripting

CVE-2024-25078 | Insyde InsydeH2O StorageSecurityCommandDxe memory corruption