Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via 'view' parameter in '/admin/products/index.php'.
Metrics
Affected Vendors & Products
References
History
Thu, 15 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Janobe
Janobe young Entrepreneur E-negosyo System |
|
CPEs | cpe:2.3:a:janobe:young_entrepreneur_e-negosyo_system:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Janobe
Janobe young Entrepreneur E-negosyo System |
Tue, 06 Aug 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-08-06T10:54:24.486Z
Updated: 2024-08-06T18:31:24.556Z
Reserved: 2024-04-29T12:38:37.774Z
Link: CVE-2024-33975
Vulnrichment
Updated: 2024-08-06T18:31:19.784Z
NVD
Status : Analyzed
Published: 2024-08-06T11:16:05.343
Modified: 2024-08-15T16:50:35.723
Link: CVE-2024-33975
Redhat
No data.