{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-3320","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-04-04T16:18:48.489Z","datePublished":"2024-04-05T00:00:05.166Z","dateUpdated":"2024-08-01T20:05:08.380Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-04-05T00:00:05.166Z"},"title":"SourceCodester eLearning System cross site scripting","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-79","lang":"en","description":"CWE-79 Cross Site Scripting"}]}],"affected":[{"vendor":"SourceCodester","product":"eLearning System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in SourceCodester eLearning System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument page leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-259388."},{"lang":"de","value":"Eine problematische Schwachstelle wurde in SourceCodester eLearning System 1.0 ausgemacht. Betroffen davon ist ein unbekannter Prozess. Durch Manipulieren des Arguments page mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":3.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.5,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N"}}],"timeline":[{"time":"2024-04-04T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-04-04T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-04-04T18:24:05.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"qianzui1004 (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.259388","name":"VDB-259388 | SourceCodester eLearning System cross site scripting","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.259388","name":"VDB-259388 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.310103","name":"Submit #310103 | https://www.sourcecodester.com/ eLearning System 1.0 reflected XSS","tags":["third-party-advisory"]},{"url":"https://github.com/qqqyc/vuln/blob/main/eLearning%20System-XSS-01.md","tags":["related"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-3320","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-04-09T17:15:56.802849Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-05T17:22:37.546Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T20:05:08.380Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.259388","name":"VDB-259388 | SourceCodester eLearning System cross site scripting","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.259388","name":"VDB-259388 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required","x_transferred"]},{"url":"https://vuldb.com/?submit.310103","name":"Submit #310103 | https://www.sourcecodester.com/ eLearning System 1.0 reflected XSS","tags":["third-party-advisory","x_transferred"]},{"url":"https://github.com/qqqyc/vuln/blob/main/eLearning%20System-XSS-01.md","tags":["related","x_transferred"]}]}]}}