CVE-2024-9799 | SourceCodester Profile Registration without Reload Refresh 1.0 add.php cross site scripting

Posted by Angelo Barbosa | Oct 10, 2024 | CVE

A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument email_address/address/company_name/job_title/jobDescriptionparameter leads to cross site scripting.

This vulnerability is known as CVE-2024-9799. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-9799 | SourceCodester Profile Registration without Reload Refresh 1.0 add.php cross site scripting

Related Posts

CVE-2024-5258 | GitLab up to 16.10.5/16.11.2/17.0.0 Naming Convention authorization (Issue 443254)

CVE-2024-37205 | SERVIT Software Solutions affiliate-toolkit Plugin up to 3.4.4 on WordPress log file

CVE-2020-36837 | ThemeGrill Demo Importer Plugin up to 1.6.1 on WordPress reset_wizard_actions authorization

CVE-2024-42474 | Streamlit up to 1.36.x on Windows Static File Sharing path traversal (GHSA-rxff-vr5r-8cj5)