Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-42550

Aug. 21, 2024, 5:24 p.m.

Product(s) Impacted

Mini Inventory and Sales Management System

  • commit 18aa3d

Description

A cross-site scripting (XSS) vulnerability in the component /email/welcome.php of Mini Inventory and Sales Management System commit 18aa3d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.

Weaknesses

Date

Published: Aug. 21, 2024, 5:15 p.m.

Last Modified: Aug. 21, 2024, 5:24 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

cve@mitre.org

References