CVE-2024-51328

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 4, 2024

CWE ID 79

Summary

CVE-2024-51328 is a newly identified Cross-Site Scripting (XSS) vulnerability. This issue impacts the addcategory.php file within projectworld's Travel Management System v1.0. An attacker can exploit this weakness by injecting malicious code through the t2 parameter, gaining the ability to execute arbitrary scripts in users' browsers. Successful exploitation may lead to unauthorized access, data theft, or other malicious activities. System administrators and users are strongly advised to apply the necessary patches as soon as possible to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/z7Y1I6
https://www.cve.org/CVERecord?id=CVE-2024-51328
https://nvd.nist.gov/vuln/detail/CVE-2024-51328

Back to Vulnerability Database

CVE-2024-51328

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations