PT-2024-15420 · Sourcecodester · Sourcecodester Engineers Online Portal

Ahmed8199 · Published 2024-01-06 · Updated 2024-05-17 · CVE-2024-0260

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0

Description: A vulnerability classified as problematic was found in the Password Change component of the SourceCodester Engineers Online Portal. The issue affects an unknown function of the file change_password_teacher.php and leads to insufficient session expiration. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations: For version 1.0, consider restricting access to the change_password_teacher.php file until a patch is available. As a temporary workaround, avoid using the Password Change component to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration: Insufficient Session Expiration

Related Identifiers: CVE-2024-0260

Affected Products: Sourcecodester Engineers Online Portal