CVE-2024-1834

Summary

CVE-2024-1834 is a newly disclosed vulnerability affecting the SourceCodester Simple Student Attendance System version 1.0. This issue is classified as problematic and is related to the file ?page=attendance&class_id=1. An attacker can manipulate the argument class_date with the input 2024-02-23%22%3E%3Cscript%3Ealert(1)%3C/script%3E to initiate a cross-site scripting (XSS) attack. This vulnerability allows remote attackers to inject malicious scripts into the system, potentially stealing sensitive user data or taking control of the affected account. The exploit for this vulnerability has been made public, increasing the risk of widespread exploitation. Vulnerability database VDB has assigned the identifier VDB-254625 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.