CVE-2024-4672

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Published May 14, 2024

Updated: Jun 4, 2024

CWE ID 79

Summary

CVE-2024-4672 is a newly disclosed vulnerability affecting the Campcodes Complete Web-Based School Management System version 1.0. An unknown functionality in the file /view/show_student_subject.php contains a cross-site scripting (XSS) issue. The vulnerability can be exploited remotely by manipulating the argument id. An attacker can inject malicious scripts, potentially gaining unauthorized access to user data or taking control of the affected system. The identifier VDB-263593 has been assigned to this vulnerability, and the exploit has been made public.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v1lOas
https://www.cve.org/CVERecord?id=CVE-2024-4672
https://nvd.nist.gov/vuln/detail/CVE-2024-4672

Back to Vulnerability Database

CVE-2024-4672

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations