CVE-2024-4674

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Published May 14, 2024

Updated: Jun 4, 2024

CWE ID 79

Summary

CVE-2024-4674 is a newly disclosed vulnerability affecting the Campcodes Complete Web-Based School Management System version 1.0. The issue lies in an unknown part of the file /view/show_friend_request.php and involves the manipulation of the argument "my_index." This leads to cross-site scripting, which can be exploited remotely. The exploit for this vulnerability has been made public, increasing the risk for potential attacks. The associated identifier for this vulnerability is VDB-263595.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v1mKV_
https://www.cve.org/CVERecord?id=CVE-2024-4674
https://nvd.nist.gov/vuln/detail/CVE-2024-4674

Back to Vulnerability Database

CVE-2024-4674

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations