CVE-2024-7321

Summary

CVE-2024-7321 is a newly disclosed cross-site scripting vulnerability affecting the User Registration Handler component in the Online Blood Bank Management System version 1.0. The issue is located in the signup.php file and can be triggered by manipulating the user argument. This vulnerability allows remote attackers to inject malicious scripts into a victim's web browser, potentially stealing sensitive information or taking control of their account. As the exploit has been made public, it is imperative that affected users or organizations take immediate action to apply a patch or workaround to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.