Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via 'id' parameter in '/admin/user/index.php'.
Metrics
Affected Vendors & Products
References
History
Thu, 15 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Janobe
Janobe young Entrepreneur E-negosyo System |
|
CPEs | cpe:2.3:a:janobe:young_entrepreneur_e-negosyo_system:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Janobe
Janobe young Entrepreneur E-negosyo System |
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-08-06T10:56:09.762Z
Updated: 2024-08-06T13:16:18.699Z
Reserved: 2024-04-29T12:38:37.774Z
Link: CVE-2024-33976
Vulnrichment
Updated: 2024-08-06T13:16:13.583Z
NVD
Status : Analyzed
Published: 2024-08-06T11:16:05.580
Modified: 2024-08-15T16:51:02.450
Link: CVE-2024-33976
Redhat
No data.