CVE-2024-10348 — Cross-site Scripting in Best House Rental Management System

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.1%

top 67.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Best House Rental Management System Mayurik Best House Rental Management System

Timeline

PublishedOct 24

Latest updateOct 25

Description

A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only shows the field "Last Name"…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5sourcecodester/best_house_rental_management_system1.0

▶NVDmayurik/best_house_rental_management_system1.0

🔴Vulnerability Details

GHSA

GHSA-gc3f-r2gj-mhrp: A vulnerability was found in SourceCodester Best House Rental Management System 1↗2024-10-25

▶

CVEList

SourceCodester Best House Rental Management System Manage Tenant Details index.php cross site scripting↗2024-10-24

▶