216.73.217.139

CVE-2024-5312

· Published 24/05/2024 11:15 · Modified 24/05/2024 13:03

Labels: CVE-2024-5312 2024-05-24CVE-2024-5312CWE-79[email protected]

Essential information

Published
24/05/2024 11:15
Modified
24/05/2024 13:03
Author
Creator
CVSS
6.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVSS metrics

Description

PHP Server Monitor, version 3.2.0, is vulnerable to an XSS via the /phpservermon-3.2.0/vendor/phpmailer/phpmailer/test_script/index.php page in all visible parameters. An attacker could create a specially crafted URL, send it to a victim and retrieve their session details.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References