Lucene search
INCIBECVELIST:CVE-2024-33994HistoryAug 06, 2024 - 1:09 p.m.
CVE-2024-33994 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System
2024-08-0613:09:59
CWE-79
INCIBE
www.cve.org
3
cve-2024-33994
cross-site scripting
janobe school event
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.5%
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via theΒ βviewβ parameter in β/event/index.phpβ.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "School Event Management System",
"vendor": "Janobe",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
]Related
vulnrichment
vulnrichment
cve
cve
CVE-2024-33994
2024-08-06 13:15:55
nvd
nvd
CVE-2024-33994
2024-08-06 13:15:55
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.5%
Related for CVELIST:CVE-2024-33994