What is CVE-2024-13013 — XSS in Maid Hiring Management System?

CVE-2024-13013 is a cross-site scripting (XSS) vulnerability in PHPGurukul Maid Hiring Management System versions 1.0–1.0, allowing attackers to inject malicious scripts via the 'page title' parameter.

Am I affected by CVE-2024-13013 in Maid Hiring Management System?

You are affected if you are running Maid Hiring Management System version 1.0–1.0. Upgrade to version 1.0.1 to resolve the vulnerability.

How do I fix CVE-2024-13013 in Maid Hiring Management System?

Upgrade to version 1.0.1. As a temporary workaround, implement input validation and output encoding on the 'page title' parameter in /admin/contactus.php.

Is CVE-2024-13013 being actively exploited?

While no active campaigns have been confirmed, the vulnerability is publicly disclosed, increasing the risk of exploitation.

Where can I find the official Maid Hiring Management System advisory for CVE-2024-13013?

Refer to the PHPGurukul website or relevant security mailing lists for the official advisory regarding CVE-2024-13013.

LOWCVE-2024-13013CVSS 2.4

Vulnerabilidade de Cross Site Scripting (XSS) na página de contato contactus.php do PHPGurukul Maid Hiring Management System

Plataforma

php

Componente

maid-hiring-management-system

Vulnerabilidade de Cross Site Scripting (XSS) na página de contato contactus.php do PHPGurukul Maid Hiring Management System

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigir

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2024-13013 — XSS in Maid Hiring Management System?

Am I affected by CVE-2024-13013 in Maid Hiring Management System?

How do I fix CVE-2024-13013 in Maid Hiring Management System?

Is CVE-2024-13013 being actively exploited?

Where can I find the official Maid Hiring Management System advisory for CVE-2024-13013?

Seu projeto está afetado?