Vulnerability CVE-2024-24050


Published: 2024-03-20   Modified: 2024-03-21

Description:
Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Journal App 1.0 allows attackers to run arbitrary code via parameters firstname and lastname in /add-user.php.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Workout Journal App 1.0 Cross Site Scripting
MURAT CAGRI ALIS
01.04.2024

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://www.muratcagrialis.com/workout-journal-app-stored-xss-cve-2024-24050

Copyright 2024, cxsecurity.com

 

Back to Top