CVE-2024-9807 - Classroombookings Cross-Site Scripting Vulnerability

1 month ago 16
ARTICLE AD BOX
CVE ID : CVE-2024-9807
Published : Oct. 10, 2024, 7:15 p.m. | 24 minutes ago
Description : A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic. This issue affects some unknown processing of the file /sessions of the component Session Page. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.8.8 is able to address this issue. It is recommended to upgrade the affected component. The project maintainer was contacted early about the disclosure. He responded very quickly, friendly, and professional.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article