How severe is CVE-2024-10842?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2024-10842?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2024-10842 - MEDIUM Severity | CVSS 4.8

Vulnerability Description

A vulnerability, which was classified as problematic, has been found in romadebrian WEB-Sekolah 1.0. Affected by this issue is some unknown functionality of the file /Admin/Proses_Edit_Akun.php of the component Backend. The manipulation of the argument Username_Baru/Password leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2021-29208

MEDIUM

CVSS:4.8(Medium)

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity...

CWE-742021

CVE-2021-29209

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-29210

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-30057

MEDIUM

CVSS:4.8(Medium)

A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.

CWE-742021

CVE-2022-22344

MEDIUM

CVSS:4.8(Medium)

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct v...

CWE-742022

CVE-2023-4157

MEDIUM

CVSS:4.8(Medium)

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.

CWE-742023