CVE-2024-10842

Name of the Vulnerable Software and Affected Versions romadebrian WEB-Sekolah version 1.0

Description A vulnerability has been found in the file /Admin/Proses Edit Akun.php of the component Backend. The manipulation of the argument Username Baru/Password leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For romadebrian WEB-Sekolah version 1.0, update to the latest version immediately to mitigate risks. As a temporary workaround, consider restricting access to the /Admin/Proses Edit Akun.php file until a patch is available. Avoid using the Username Baru and Password arguments in the affected API endpoint until the issue is resolved.