CVE-2024-24494

Name of the Vulnerable Software and Affected Versions Daily Habit Tracker version 1.0

Description A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the day, exercise, pray, read book, vitamins, laundry, alcohol, and meat parameters in the "add-tracker.php" and "update-tracker.php" components.

Recommendations For Daily Habit Tracker version 1.0, consider disabling the add-tracker.php and update-tracker.php components until a patch is available to prevent exploitation. Restrict access to these components to minimize the risk of arbitrary code execution. Avoid using the day, exercise, pray, read book, vitamins, laundry, alcohol, and meat parameters in the affected components until the issue is resolved.