{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-7683","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-08-11T18:05:59.782Z","datePublished":"2024-08-12T01:00:10.271Z","dateUpdated":"2024-08-13T20:10:26.916Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-08-12T01:00:10.271Z"},"title":"SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php cross site scripting","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-79","lang":"en","description":"CWE-79 Cross Site Scripting"}]}],"affected":[{"vendor":"SourceCodester","product":"Kortex Lite Advocate Office Management System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file addcase_stage.php. The manipulation of the argument cname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."},{"lang":"de","value":"Es wurde eine problematische Schwachstelle in SourceCodester Kortex Lite Advocate Office Management System 1.0 entdeckt. Es betrifft eine unbekannte Funktion der Datei addcase_stage.php. Durch das Beeinflussen des Arguments cname mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.5,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N"}}],"timeline":[{"time":"2024-08-11T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-08-11T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-08-11T20:11:23.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"samwbs (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.274140","name":"VDB-274140 | SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php cross site scripting","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.274140","name":"VDB-274140 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.389162","name":"Submit #389162 | SourceCodester Kortex Lite Advocate Office Management System 1.0 Cross Site Scripting","tags":["third-party-advisory"]},{"url":"https://github.com/samwbs/kortexcve/blob/main/xss_addcase_stage/xss_addcase_stage.md","tags":["exploit"]}]},"adp":[{"affected":[{"vendor":"sourcecodester","product":"kortex_lite_advocate_office_management_system","cpes":["cpe:2.3:a:sourcecodester:kortex_lite_advocate_office_management_system:1.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"1.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-08-13T20:09:28.075052Z","id":"CVE-2024-7683","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-13T20:10:26.916Z"}}]}}