CVE-2024-11660: code-projects Farmacia usuario.php cross site scripting
First published: Mon Nov 25 2024(Updated: )
A vulnerability was found in code-projects Farmacia 1.0. It has been classified as problematic. This affects an unknown part of the file usuario.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Anisha Farmacia | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-11660?
CVE-2024-11660 is classified as problematic, indicating a significant security risk.
How does CVE-2024-11660 affect the application?
CVE-2024-11660 allows for cross-site scripting through manipulation of the 'name' argument in usuario.php.
Can CVE-2024-11660 be exploited remotely?
Yes, CVE-2024-11660 can be exploited remotely.
Which version of Farmacia is affected by CVE-2024-11660?
CVE-2024-11660 affects version 1.0 of Anisha Farmacia.
How can I mitigate the risks associated with CVE-2024-11660?
To mitigate CVE-2024-11660, validate and sanitize user input to prevent cross-site scripting.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/anisha
- canonical/anisha farmacia
- version/anisha farmacia/1.0