A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file addcase_stage.php. The manipulation of the argument cname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/samwbs/kortexcve/blob/main/xss_addcase_stage/xss_addcase_stage.md | Exploit |
https://vuldb.com/?ctiid.274140 | Permissions Required |
https://vuldb.com/?id.274140 | Third Party Advisory |
https://vuldb.com/?submit.389162 | Third Party Advisory |
Configurations
History
20 Aug 2024, 13:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mayurik:advocate_office_management_system:1.0:*:*:*:*:*:*:* | |
Summary |
|
|
First Time |
Mayurik
Mayurik advocate Office Management System |
|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 5.4 |
References | () https://github.com/samwbs/kortexcve/blob/main/xss_addcase_stage/xss_addcase_stage.md - Exploit | |
References | () https://vuldb.com/?ctiid.274140 - Permissions Required | |
References | () https://vuldb.com/?id.274140 - Third Party Advisory | |
References | () https://vuldb.com/?submit.389162 - Third Party Advisory |
12 Aug 2024, 13:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-12 13:38
Updated : 2024-08-20 13:52
NVD link : CVE-2024-7683
Mitre link : CVE-2024-7683
CVE.ORG link : CVE-2024-7683
JSON object : View
Products Affected
mayurik
- advocate_office_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')