CVE-2024-0424: XSS
First published: Thu Jan 11 2024(Updated: )
A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250443.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CodeAstro Simple Banking System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-0424?
CVE-2024-0424 is classified as a problematic vulnerability affecting the CodeAstro Simple Banking System.
How does CVE-2024-0424 affect users?
CVE-2024-0424 allows for cross site scripting attacks that can be initiated remotely.
Which component is affected by CVE-2024-0424?
CVE-2024-0424 specifically affects the createuser.php file in the Create a User Page component.
Can CVE-2024-0424 be exploited by remote attackers?
Yes, CVE-2024-0424 can be exploited remotely due to its cross site scripting nature.
How can I mitigate the risks of CVE-2024-0424?
To mitigate CVE-2024-0424, it is recommended to sanitize user input in the createuser.php file to prevent cross site scripting.
- agent/type
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/severity
- agent/softwarecombine
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- vendor/codeastro
- canonical/codeastro simple banking system
- version/codeastro simple banking system/1.0