CVE-2024-57522: XSS
First published: Mon Feb 03 2025(Updated: )
SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in Users.php. An attacker can inject a malicious script into the username or name field during user creation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SourceCodester Packers and Movers Management System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-57522?
CVE-2024-57522 has a high severity due to the potential for Cross Site Scripting (XSS) attacks.
How do I fix CVE-2024-57522?
To fix CVE-2024-57522, validate and sanitize user inputs in the username and name fields to prevent script injection.
What types of attacks can CVE-2024-57522 enable?
CVE-2024-57522 can enable an attacker to execute arbitrary scripts in the users' browsers, potentially stealing cookies or session tokens.
Which versions of the SourceCodester Packers and Movers Management System are affected by CVE-2024-57522?
CVE-2024-57522 affects version 1.0 of SourceCodester Packers and Movers Management System.
Who is affected by CVE-2024-57522?
Users of the SourceCodester Packers and Movers Management System who allow unvalidated input in user creation are at risk of CVE-2024-57522.
- collector/nvd-api
- source/NVD
- agent/references
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/source
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/sourcecodester
- canonical/sourcecodester packers and movers management system