Unrated severityNVD Advisory· Published Aug 6, 2024· Updated Aug 8, 2024
Cross-site Scripting in Janobe products
CVE-2024-33980
Description
Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/mod_reports/printreport.php'.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <=1.0
- Janobe/Credit Cardv5Range: 1.0
- Janobe/Debit Card Paymentv5Range: 1.0
- Janobe/Janobe PayPalv5Range: 1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.