CVE-2024-7685

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Aug 12, 2024

Updated: Aug 20, 2024

CWE ID 79

Summary

CVE-2024-7685 is a newly disclosed vulnerability affecting the SourceCodester Kortex Lite Advocate Office Management System version 1.0. This issue lies within the file adds.php, and it permits cross-site scripting (XSS) attacks. Attackers can exploit this vulnerability by manipulating the argument names, such as dob, email, mobile, and address, and launch remote attacks. The exploit for this weakness has been publicly disclosed, increasing the risk of successful attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xrKl8R
https://www.cve.org/CVERecord?id=CVE-2024-7685
https://nvd.nist.gov/vuln/detail/CVE-2024-7685

Back to Vulnerability Database

CVE-2024-7685

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations