CVE-2024-9906

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 65.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Online Eyewear ShopOretnom23 Online Eyewear Shop
Timeline
PublishedOct 13

Description

A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
SourceCodester Online Eyewear Shop cross site scripting2024-10-13
GHSA
GHSA-rg8g-76vm-5c47: A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 12024-10-13
CVE-2024-9906 (MEDIUM CVSS 5.3) | A vulnerability | cvebase.io