CVE-2024-48170

Severity

5.4MEDIUM

EPSS

0.3%

top 49.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedFeb 10

Description

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

GHSA

GHSA-mp4p-vfgp-m87p: PHPGurukul Small CRM 3↗2025-02-10

▶

CVEList

CVE-2024-48170: PHPGurukul Small CRM 3↗2025-02-10

▶