CVE-2024-5437
Severity
5.3MEDIUM
EPSS
0.1%
top 72.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Latest updateMay 28
PublishedMay 29
Description
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as problematic. Affected is the function save_category of the file /admin/index.php?page=categories. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266442 is the identifier assigned to this vulnerability.
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N