Vulnerabilities

CVE-2024-26472

by Fred · 29/02/2024

KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site scripting (XSS) vulnerability which may allow remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the ‘selector’ or ‘validator’ parameters of ‘create-new-pwd.php’.

More information : https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2024-26472

Similar

Tags: Cybersecurity Alert