CVE-2024-4687

Summary

CVE-2024-4687 is a newly identified vulnerability affecting the Campcodes Complete Web-Based School Management System version 1.0. This issue lies in an unnamed function of the file /view/create_events.php, which can be exploited through manipulation of the argument "my_index." The vulnerability results in cross-site scripting (XSS), permitting attackers to inject malicious scripts into a user's browser. The attack can be executed remotely, posing a significant security risk. With the exploit publicly disclosed, it is crucial for users to apply the necessary patches or updates to mitigate this vulnerability. (VDB-263628)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.