CVE-2024-8555

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://vuldb.com/?id.276774", "name": "VDB-276774 | SourceCodester Clinics Patient Management System congratulations.php redirect", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.276774", "name": "VDB-276774 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required", "Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?submit.402386", "name": "Submit #402386 | SourceCodester Clinics Patient Management System 2.0 Open Redirect", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Clinic's-Patient-Management-System-Open-Redirect.md", "name": "https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Clinic's-Patient-Management-System-Open-Redirect.md", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://www.sourcecodester.com/", "name": "https://www.sourcecodester.com/", "tags": ["Product"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability was found in SourceCodester Clinics Patient Management System 2.0. It has been classified as problematic. Affected is an unknown function of the file congratulations.php. The manipulation of the argument goto_page leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-601"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-8555", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}}, "publishedDate": "2024-09-07T15:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oretnom23:clinic\\'s_patient_management_system:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-09-10T13:53Z"}