CVE-2024-3614

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Apr 11, 2024

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2024-3614 is a recently disclosed vulnerability affecting the SourceCodester Warehouse Management System 1.0. The issue lies in the customer.php file, where the handling of user-supplied input, specifically nama_customer, alamat_customer, and notelp_customer arguments, is susceptible to cross-site scripting (XSS) attacks. An attacker can exploit this remotely by injecting malicious scripts, potentially gaining unauthorized access to user sessions or data. This vulnerability, identified as VDB-260271, is currently under active exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Experience Manager

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wDCBuV
https://www.cve.org/CVERecord?id=CVE-2024-3614
https://nvd.nist.gov/vuln/detail/CVE-2024-3614

Back to Vulnerability Database