Lucene search
CERT-PLVULNRICHMENT:CVE-2024-3579HistoryMay 14, 2024 - 8:51 a.m.
CVE-2024-3579 XSS in Online Shopping System Advanced
2024-05-1408:51:53
CWE-79
CERT-PL
github.com
1
online shopping system
advanced
vulnerable
reflected cross-site scripting
crafted url
user's browser
Open-source project Online Shopping System Advanced is vulnerable to Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in userβs browser.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Online Shopping System Advanced",
"repo": "https://github.com/PuneethReddyHC/online-shopping-system-advanced",
"vendor": "Puneeth Reddy",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2024-3579
2024-05-14 16:17:32
cve
cve
CVE-2024-3579
2024-05-14 16:17:32
cvelist
cvelist
CVE-2024-3579 XSS in Online Shopping System Advanced
2024-05-14 08:51:53
6.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for VULNRICHMENT:CVE-2024-3579