CVE-2024-8582

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 8, 2024
Updated: Sep 10, 2024
CWE ID 79

Summary

CVE-2024-8582 is a cross-site scripting (XSS) vulnerability in SourceCodester Food Ordering Management System version 1.0, affecting functionality in the /index.php file. Manipulating the "description" argument leads to XSS; the attack can be launched remotely and does not require elevated privileges. The vulnerability has been publicly disclosed, which poses a potential risk to organizations using this system, as it may enable attackers to execute malicious scripts in users' browsers. To mitigate this risk, organizations are advised to update their systems and implement input validation that sanitizes user input effectively. The CVSS score for this vulnerability is 6.1, indicating medium severity with low integrity and confidentiality impacts.
