Vulnerability Details CVE-2024-45986
A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account information is accessed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.7%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2024-45986
-
cpe:2.3:a:projectworlds:online_voting_system_project:1.0