CVE-2024-8153

Summary

CVE-2024-8153 is a cross-site scripting vulnerability identified in SourceCodester QR Code Bookmark System version 1.0, specifically affecting the processing of the file /endpoint/delete-bookmark.php. This vulnerability allows an attacker to manipulate the bookmark argument, potentially leading to unauthorized actions that may be initiated remotely. The issue has a medium severity rating with a CVSS score of 5.4, and it requires low privileges and user interaction to exploit. Organizations using affected products such as 'x-PQPw' and 'x-PxY1' are advised to implement input validation measures to remediate this vulnerability. If left unaddressed, it could jeopardize the security of sensitive user data and enable further attacks within the network environment.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.