CVE-2024-37798
published 2024-06-17CVE-2024-37798: Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote…
medium5.9CVSS 3.1
AVNACLPRHUIRSCCLILAL
Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chrome_chrome | — | — | |
| linux | linux_kernel | >= 0 < 5.15.0-143.153 | 5.15.0-143.153 |
| linux | linux_kernel | >= 0 < 4.4.0-270.304 | 4.4.0-270.304 |
| linux | linux_kernel | >= 0 < 4.15.0-239.251 | 4.15.0-239.251 |
| linux | linux_kernel | >= 0 < 5.4.0-219.239 | 5.4.0-219.239 |
| phpgurukul | beauty_parlour_management_system | — | — |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
osv7.8HIGH