CVE-2024-8152 MEDIUM

CVE-2024-8152: SourceCodester QR Code Bookmark System Parameter add-bookmark.php cross site scripting

Vendor Sourcecodester
Product QR Code Bookmark System
Weakness CWE-79 · XSS
Published August 25, 2024
Last update August 26, 2024
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /endpoint/add-bookmark.php of the component Parameter Handler. The manipulation of the argument name/url leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

August 25, 2024 CVE published
August 26, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-30832 WordPress Themify Event Post Plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability CVE-2024-2533 MAGESH-K21 Online-College-Event-Hall-Reservation-System update-users.php cross site scripting CVE-2022-47415 LogicalDOC Messaging Stored XSS CVE-2023-48559 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) CVE-2026-2834 Age Verification & Identity Verification by Token of Trust <= 3.32.3 - Unauthenticated Stored Cross-Site Scripting via 'description' Parameter