VDB-279959 · CVE-2024-9807 · GCVE-100-279959

Craig Rodway Classroombookings 2.8.7 Session Page /sessions ନାମ କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ

Rakkoon nageenyaa kan ସମସ୍ୟାଜନକ jedhamuun beekamu Craig Rodway Classroombookings 2.8.7 keessatti argameera. Miidhamni argame is hojii hin beekamne faayilii /sessions keessa kutaa Session Page keessa. Wanti jijjiirame irratti ନାମ gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-79 si geessa. Odeeffannoon kun yeroo 10/10/2024 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti argama. Dogoggorri kun CVE-2024-9807 jedhamee waamama. Weerara fageenya irraa jalqabuu ni danda'ama. Ibsa teeknikaa ni jira. Meeshaa balaa kana fayyadamuuf hin jirre. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ଅପରିଭାଷିତ ta’uu isaa ibsameera. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. Qabiyyee miidhamte haaromsuuf gorsa ni kennama. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

2 ଆଡାପ୍ଟେସନ୍ · 59 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 10/10/2024 10:35 AM	ଅଦ୍ୟତନ 1/1 03/07/2025 12:29 PM
software_vendor	Craig Rodway	Craig Rodway
software_name	Classroombookings	Classroombookings
software_version	2.8.7	2.8.7
software_component	Session Page	Session Page
software_file	/sessions	/sessions
software_argument	Name	Name
vulnerability_cwe	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)
vulnerability_risk	1	1
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	H	H
cvss3_vuldb_ui	R	R
cvss3_vuldb_s	U	U
cvss3_vuldb_c	N	N
cvss3_vuldb_i	L	L
cvss3_vuldb_a	N	N
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	C	C
advisory_url	https://github.com/JunMing27/CVE/blob/main/CVE%20-%20classroombookings%20Cross%20Site%20Scripting%20(XSS)%20at%20create%20and%20edit%20session%20page%20via%20Administrator%20Dashboard.md	https://github.com/JunMing27/CVE/blob/main/CVE%20-%20classroombookings%20Cross%20Site%20Scripting%20(XSS)%20at%20create%20and%20edit%20session%20page%20via%20Administrator%20Dashboard.md
countermeasure_name	ଅପଗ୍ରେଡ୍ କରନ୍ତୁ	ଅପଗ୍ରେଡ୍ କରନ୍ତୁ
upgrade_version	2.8.8	2.8.8
source_cve	CVE-2024-9807	CVE-2024-9807
cna_responsible	VulDB	VulDB
response_summary	The project maintainer was contacted early about the disclosure. He responded very quickly, friendly, and professional.	The project maintainer was contacted early about the disclosure. He responded very quickly, friendly, and professional.
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_au	M	M
cvss2_vuldb_ci	N	N
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	N	N
cvss2_vuldb_rc	C	C
cvss2_vuldb_rl	OF	OF
cvss4_vuldb_av	N	N
cvss4_vuldb_ac	L	L
cvss4_vuldb_pr	H	H
cvss4_vuldb_vc	N	N
cvss4_vuldb_vi	L	L
cvss4_vuldb_va	N	N
cvss2_vuldb_e	ND	ND
cvss3_vuldb_e	X	X
cvss4_vuldb_at	N	N
cvss4_vuldb_ui	N	P
cvss4_vuldb_sc	N	N
cvss4_vuldb_si	N	N
cvss4_vuldb_sa	N	N
cvss4_vuldb_e	X	X
cvss2_vuldb_basescore	3.3	3.3
cvss2_vuldb_tempscore	2.9	2.9
cvss3_vuldb_basescore	2.4	2.4
cvss3_vuldb_tempscore	2.3	2.3
cvss3_meta_basescore	2.4	2.4
cvss3_meta_tempscore	2.3	2.3
cvss4_vuldb_bscore	5.1	4.8
cvss4_vuldb_btscore	5.1	4.8
advisory_date	1728511200 (10/10/2024)	1728511200 (10/10/2024)
price_0day	$0-$5k	$0-$5k

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!