CVE-2024-4721
CVSS 2.0 Score 4.0 of 10 (medium)
Details
Summary
CVE-2024-4721 is a newly disclosed vulnerability affecting the Campcodes Complete Web-Based School Management System version 1.0. The issue lies in the file /model/add_student_subject.php, where a cross-site scripting (XSS) vulnerability has been discovered. The manipulation of argument indices permits attackers to inject malicious scripts, which can be executed in the context of the affected website. This vulnerability can be exploited remotely, increasing the risk to organizations that use this software. As the exploit is now publicly disclosed, it is essential that users of this system apply appropriate patches or upgrades as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.