CVE-2024-3320

{"id": "CVE-2024-3320", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2024-04-05T00:15:08.147", "references": [{"url": "https://github.com/qqqyc/vuln/blob/main/eLearning%20System-XSS-01.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?ctiid.259388", "tags": ["Permissions Required", "VDB Entry"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.259388", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?submit.310103", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cna@vuldb.com"}, {"url": "https://github.com/qqqyc/vuln/blob/main/eLearning%20System-XSS-01.md", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://vuldb.com/?ctiid.259388", "tags": ["Permissions Required", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://vuldb.com/?id.259388", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://vuldb.com/?submit.310103", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in SourceCodester eLearning System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument page leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-259388."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en SourceCodester eLearning System 1.0. Ha sido calificada como problem\u00e1tica. Una funci\u00f3n desconocida es afectada por este problema. La manipulaci\u00f3n de la p\u00e1gina de argumentos conduce a Cross-Site Scripting. El ataque puede lanzarse de forma remota. El identificador de esta vulnerabilidad es VDB-259388."}], "lastModified": "2025-02-18T17:09:26.307", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oretnom23:elearning_system:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D25131F4-0CEA-4740-B2D3-10DCD0F73C58"}], "operator": "OR"}]}], "sourceIdentifier": "cna@vuldb.com"}