← Retour aux CVEs
CVE-2024-33302
MEDIUM5.3
Description
SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting (XSS) via "Middle Name" under Add Users.
Details CVE
Score CVSS v3.15.3
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie5/2/2024
Derniere modification4/22/2025
Sourcenvd
Observations honeypot0
Produits affectes
oretnom23:product_show_room_site
Faiblesses (CWE)
CWE-79
References
https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-33302.md(af854a3a-2127-422b-91ae-364da2661108)
https://portswigger.net/web-security/cross-site-scripting/stored(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.