Today > | 7 High | 24 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-39090

July 18, 2024, 8:15 p.m.

Product(s) Impacted

PHPGurukul Online Shopping Portal Project

  • 2.0

Description

The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover.

Weaknesses

Date

Published: July 18, 2024, 8:15 p.m.

Last Modified: July 18, 2024, 8:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/ cve@mitre.org