CVE-2024-8604

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.9MEDIUM
EPSS
0.1%
top 71.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Online Food Ordering SystemOretnom23 Online Food Ordering System
Timeline
PublishedSep 9

Description

A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. This affects an unknown part of the file index.php of the component Create an Account Page. The manipulation of the argument First Name/Last Name leads to cross site scripting. It is possible to initiate the attack remotely.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
SourceCodester Online Food Ordering System Create an Account Page index.php cross site scripting2024-09-09
GHSA
GHSA-gf29-3f4w-753g: A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 22024-09-09
CVE-2024-8604 (MEDIUM CVSS 6.9) | A vulnerability classified as probl | cvebase.io