CVE-2024-8151 MEDIUM

CVE-2024-8151: SourceCodester Interactive Map with Marker delete-mark.php cross site scripting

Vendor Sourcecodester

Product Interactive Map with Marker

Weakness CWE-79 · XSS

Published August 25, 2024

Last update August 26, 2024

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/delete-mark.php. The manipulation of the argument mark leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

August 25, 2024 CVE published

August 26, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-8151 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2019-25092 Nakiami Mellivora Admin Panel user.inc.php print_user_ip_log cross site scripting CVE-2024-33598 WordPress Annual Archive plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability CVE-2022-0399 Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site Scripting CVE-2025-30970 WordPress Easy Contact plugin <= 0.1.2 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-32570 WordPress Cornerstone plugin <= 0.8.0 - Reflected Cross Site Scripting (XSS) vulnerability