Unrated severityNVD Advisory· Published May 8, 2024· Updated Aug 21, 2024
SourceCodester Prison Management System changepassword.php cross site scripting
CVE-2024-4645
Description
A vulnerability was found in SourceCodester Prison Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /Admin/changepassword.php. The manipulation of the argument txtold_password/txtnew_password/txtconfirm_password leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263489 was assigned to this vulnerability.
Affected products
2=1.0+ 1 more
- (no CPE)range: =1.0
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
4- github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss4.mdmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.