CVE-2024-9092

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 23, 2024
Updated: Sep 27, 2024
CWE ID 79

Summary

CVE-2024-9092 is a cross-site scripting (XSS) vulnerability found in SourceCodester Profile Registration without Reload Refresh 1.0, specifically affecting the add.php file of the Registration Form component. This vulnerability allows attackers to manipulate the full_name argument, potentially leading to unauthorized access and exploitation by remote attackers. The severity of this issue has been rated as medium, with a CVSS base score of 6.1, indicating that user interaction is required for successful exploitation. Organizations are advised to remediate this vulnerability by implementing proper input validation and sanitization measures in their registration forms. Failure to address this issue could result in data integrity risks and unauthorized information disclosure within affected applications.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share