1. Home
  2. CVE Database
  3. CVE-2024-51209
MEDIUM · 5.4

CVE-2024-51209

Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to adm...

Vulnerability Description

Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to admin search invoice page and client search invoice page.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
PhpgurukulClient Management System1.2

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2024-51209?

CVE-2024-51209 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to adm...

How severe is CVE-2024-51209?

CVE-2024-51209 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-51209?

Check the references section above for vendor advisories and patch information. Affected products include: Phpgurukul Client Management System.