CVE-2024-0260

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 7, 2024

Updated: May 17, 2024

CWE ID 613

Summary

CVE-2024-0260 is a recently disclosed vulnerability affecting SourceCodester Engineers Online Portal 1.0. The issue lies within the Password Change component's change_password_teacher.php file, specifically an unknown function. An attacker can manipulate this function, leading to session expiration. This vulnerability can be exploited remotely, making it a significant concern for users. Due to public disclosure, the exploit is now available, increasing the risk for potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uDAHQT
https://www.cve.org/CVERecord?id=CVE-2024-0260
https://nvd.nist.gov/vuln/detail/CVE-2024-0260

Back to Vulnerability Database

CVE-2024-0260

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations