CVE-2024-8328 MEDIUM

CVE-2024-8328: HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - Reflected XSS

Vendor Hwa Jiuh Digital Technology
Product Easy test Online Learning and Testing Platform
Weakness CWE-79 · XSS
Published August 30, 2024
Last update August 30, 2024
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary JavaScript code and perform Reflected Cross-site scripting attacks.

Key dates

02Disclosure timeline

August 30, 2024 CVE published
August 30, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-46254 WordPress Visual Composer Website Builder plugin <= 45.10.0 - Cross Site Scripting (XSS) vulnerability CVE-2025-26395 SolarWinds SWOSH DOM-based reflective XSS Vulnerability CVE-2023-5614 Theme Switcha <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-51399 WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS) CVE-2018-5411 Pixar's Tractor software, versions 2.2 and earlier, contains a stored cross-site scripting vulnerability