CVE-2024-11078

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions code-projects Job Recruitment version 1.0

Description A high-severity vulnerability has been identified in code-projects Job Recruitment. The vulnerability affects an unknown functionality of the file /register.php. The manipulation of the argument e/role leads to cross-site scripting. The attack can be launched remotely.

Recommendations To mitigate risks, update to the latest version of code-projects Job Recruitment. As a temporary workaround, consider restricting access to the /register.php file until a patch is available. Avoid using the e/role argument in the affected file until the issue is resolved.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2024-11078

Affected Products

Code-Projects Job Recruitment

CVE-2024-11078

Weakness Enumeration

Related Identifiers

Affected Products

References · 31