CVE-2024-24136

Name of the Vulnerable Software and Affected Versions Sourcecodester Math Game with Leaderboard version 1.0

Description The issue concerns a Cross-Site Scripting (XSS) attack vulnerability. Specifically, the 'Your Name' field in the Submit Score section is affected. This type of attack occurs when an application includes user input in its output without proper validation, allowing an attacker to inject malicious scripts into the application.

Recommendations For version 1.0, consider validating and sanitizing user input in the 'Your Name' field to prevent XSS attacks. As a temporary workaround, restrict user input to only allow expected characters and formats.