Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page.
References
Link | Resource |
---|---|
http://lost.com | Not Applicable Product |
https://packetstormsecurity.com/files/179078/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html | Third Party Advisory VDB Entry |
https://www.sourcecodester.com/ | Not Applicable |
http://lost.com | Not Applicable Product |
https://packetstormsecurity.com/files/179078/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html | Third Party Advisory VDB Entry |
https://www.sourcecodester.com/ | Not Applicable |
Configurations
History
No history.
Information
Published : 2024-07-29 19:15
Updated : 2024-11-21 09:24
NVD link : CVE-2024-37856
Mitre link : CVE-2024-37856
CVE.ORG link : CVE-2024-37856
JSON object : View
Products Affected
oretnom23
- lost_and_found_information_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')