A vulnerability, which was classified as problematic, has been found in SourceCodester Contact Manager with Export to VCF 1.0. Affected by this issue is some unknown functionality of the file index.html. The manipulation of the argument contact_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/gurudattch/CVEs/blob/main/SourceCodester-Contact-managemet-system-Stored-XSS.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.276212 | Permissions Required |
https://vuldb.com/?id.276212 | Permissions Required Third Party Advisory |
https://vuldb.com/?submit.399338 | Third Party Advisory VDB Entry |
https://www.sourcecodester.com/ | Product |
Configurations
History
22 Nov 2024, 14:58
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:remyandrade:contact_manager_with_export_to_vcf:1.0:*:*:*:*:*:*:* | |
References | () https://github.com/gurudattch/CVEs/blob/main/SourceCodester-Contact-managemet-system-Stored-XSS.md - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 3.5 |
First Time |
Remyandrade
Remyandrade contact Manager With Export To Vcf |
17 Sep 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Sep 2024, 16:13
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 5.4 |
First Time |
Rems
Rems contact Manager With Export To Vcf |
|
References | () https://vuldb.com/?ctiid.276212 - Permissions Required | |
References | () https://vuldb.com/?id.276212 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?submit.399338 - Third Party Advisory, VDB Entry | |
References | () https://www.sourcecodester.com/ - Product | |
CPE | cpe:2.3:a:rems:contact_manager_with_export_to_vcf:1.0:*:*:*:*:*:*:* |
03 Sep 2024, 12:59
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
30 Aug 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-30 14:15
Updated : 2024-11-22 14:58
NVD link : CVE-2024-8337
Mitre link : CVE-2024-8337
CVE.ORG link : CVE-2024-8337
JSON object : View
Products Affected
remyandrade
- contact_manager_with_export_to_vcf
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')