{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-8411","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-09-04T08:39:18.356Z","datePublished":"2024-09-04T15:00:06.194Z","dateUpdated":"2026-02-26T18:21:32.082Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2026-02-26T18:21:32.082Z"},"title":"ABCD ABCD2 buscar_integrada.php cross site scripting","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-79","lang":"en","description":"Cross Site Scripting"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-94","lang":"en","description":"Code Injection"}]}],"affected":[{"vendor":"ABCD","product":"ABCD2","versions":[{"version":"2.2.0-beta-1","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability was determined in ABCD ABCD2 up to 2.2.0-beta-1. Impacted is an unknown function of the file /buscar_integrada.php. Executing a manipulation of the argument Sub_Expresion can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The developer explains, that \"this script has been completely redesigned after this version\"."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.5,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2024-09-04T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-09-04T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2026-02-26T19:25:30.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"peritocibernetico (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.276491","name":"VDB-276491 | ABCD ABCD2 buscar_integrada.php cross site scripting","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.276491","name":"VDB-276491 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.398843","name":"Submit #398843 | ABCD Community ABCD2 2.x Cross Site Scripting","tags":["third-party-advisory"]},{"url":"https://github.com/peritocibernetico/ABCD_Vulnerabilities","tags":["exploit"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-04T18:21:31.222916Z","id":"CVE-2024-8411","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-04T18:21:40.579Z"}}]}}