CVE-2024-8337

Summary

CVE-2024-8337 is a cross-site scripting vulnerability found in the SourceCodester Contact Manager with Export to VCF 1.0, specifically affecting the index.html file where manipulation of the contact_name argument can be exploited. The potential danger includes remote attacks that may compromise web application security, allowing unauthorized actions by attackers. The vulnerability is classified with a medium severity score of 5.4, indicating that user interaction is required and privileges needed for exploitation are low. To remediate this issue, users of the affected software should implement proper input validation and sanitization practices to mitigate risks associated with cross-site scripting attacks. For more detailed guidance and updates, references can be accessed from third-party advisory sites such as VulDB.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.