CVE-2024-5897

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://vuldb.com/?id.268141", "name": "VDB-268141 | SourceCodester Employee and Visitor Gate Pass Logging System cross site scripting", "tags": ["Third Party Advisory"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.268141", "name": "VDB-268141 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required", "Third Party Advisory"], "refsource": ""}, {"url": "https://vuldb.com/?submit.354923", "name": "Submit #354923 | sourcecodester Employee and Visitor Gate Pass Logging System v1.0 xss", "tags": ["Third Party Advisory"], "refsource": ""}, {"url": "https://github.com/Hefei-Coffee/cve/blob/main/xss.md", "name": "https://github.com/Hefei-Coffee/cve/blob/main/xss.md", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=log_visitor. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268141 was assigned to this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-79"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-5897", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}}, "publishedDate": "2024-06-12T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oretnom23:employee_and_visitor_gate_pass_logging_system:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-08-23T16:27Z"}