CVE-2024-1919

Published: Feb 27, 2024Modified: Dec 18, 2024

5.4

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.3 / Impact: 2.7

Source: NVD

Description

A vulnerability classified as problematic was found in SourceCodester Online Job Portal 1.0. This vulnerability affects unknown code of the file /Employer/ManageWalkin.php of the component Manage Walkin Page. The manipulation of the argument Job Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-254854 is the identifier assigned to this vulnerability.

Affected (1)

Products: Janobe: Online Job Portal

1 product

Online Job Portal

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Janobe Online Job Portal	Version 1.0

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (6)

https://prnt.sc/1W0g0F8vv2mw

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?ctiid.254854

Source: cna@vuldb.com

Permissions Required

https://vuldb.com/?id.254854

Source: cna@vuldb.com

Permissions Required

https://prnt.sc/1W0g0F8vv2mw

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://vuldb.com/?ctiid.254854

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://vuldb.com/?id.254854

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

Timeline

No history available yet.