CVE-2024-8174

Summary

CVE-2024-8174 is a cross-site scripting (XSS) vulnerability identified in the Blood Bank System 1.0, specifically affecting the /login.php component. This vulnerability allows remote attackers to manipulate the "user" argument, potentially compromising the integrity and confidentiality of affected systems. The exploit requires user interaction and has been publicly disclosed, increasing the risk of attacks. To remediate this issue, developers are advised to implement proper input validation and sanitization measures on the login page. The severity of this vulnerability is classified as medium, with a CVSS base score of 6.1, indicating that organizations should prioritize addressing this flaw to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.