CVE-2024-24134

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Jan 29, 2024

Updated: Feb 22, 2024

CWE ID 79

Summary

CVE-2024-24134 is a Cross-Site Scripting (XSS) vulnerability affecting Sourcecodester Online Food Menu 1.0. Malicious scripts can be injected into the 'Menu Name' and 'Description' fields in the Update Menu section, posing a risk to users visiting affected websites. Successful exploitation of this vulnerability could lead to data theft or unauthorized website manipulation. Users are advised to update their software or implement XSS protection mechanisms to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uRlyrn
https://www.cve.org/CVERecord?id=CVE-2024-24134
https://nvd.nist.gov/vuln/detail/CVE-2024-24134

Back to Vulnerability Database

CVE-2024-24134

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations