Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'view' parameter in /admin/orders/index.php'.
Metrics
Affected Vendors & Products
References
History
Thu, 15 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Janobe
Janobe young Entrepreneur E-negosyo System |
|
CPEs | cpe:2.3:a:janobe:young_entrepreneur_e-negosyo_system:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Janobe
Janobe young Entrepreneur E-negosyo System |
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-08-06T10:58:21.857Z
Updated: 2024-08-06T15:30:42.583Z
Reserved: 2024-04-29T12:38:37.774Z
Link: CVE-2024-33977
Vulnrichment
Updated: 2024-08-06T15:30:37.217Z
NVD
Status : Analyzed
Published: 2024-08-06T11:16:05.793
Modified: 2024-08-15T16:53:04.110
Link: CVE-2024-33977
Redhat
No data.