CVE-2024-7303 MEDIUM

CVE-2024-7303: itsourcecode Online Blood Bank Management System Send Blood Request Page request.php cross site scripting

Vendor Itsourcecode
Product Online Blood Bank Management System
Weakness CWE-79 · XSS
Published July 31, 2024
Last update July 31, 2024
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273185 was assigned to this vulnerability.

Key dates

02Disclosure timeline

July 31, 2024 CVE published
July 31, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-58702 WordPress MarketKing Plugin <= 2.0.92 - Cross Site Scripting (XSS) Vulnerability CVE-2024-2720 Campcodes Complete Online DJ Booking System aboutus.php cross site scripting CVE-2024-30199 WordPress WP-Lister Lite for Amazon plugin <= 2.6.8 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2023-50924 Stored XSS in Overview and Output fields CVE-2024-32552 WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability