CVE-2024-3541

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Published Apr 10, 2024

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2024-3541 is a newly disclosed vulnerability affecting the Campcodes Church Management System version 1.0. The issue lies within the /admin/admin_user.php file, and involves a cross-site scripting (XSS) vulnerability. Manipulation of the firstname argument can lead to the execution of malicious scripts in a user's browser. This vulnerability is considered problematic as it can be exploited remotely, and the exploit has been made public, increasing the risk of attacks. The associated identifier for this vulnerability is VDB-259911.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vSs-IZ
https://www.cve.org/CVERecord?id=CVE-2024-3541
https://nvd.nist.gov/vuln/detail/CVE-2024-3541

Back to Vulnerability Database

CVE-2024-3541

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations