CVE-2024-8328

HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - Reflected XSS

Description

Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary JavaScript code and perform Reflected Cross-site scripting attacks.

INFO

Published Date :

2024-08-30T02:20:50.472Z

Last Modified :

2024-08-30T14:39:34.156Z

Source :

twcert

AFFECTED PRODUCTS

The following products are affected by CVE-2024-8328 vulnerability.

Vendors	Products
Easy Test Online Learning And Testing Platform Project	Easy Test Online Learning And Testing Platform

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-8328.

URL	Resource
https://www.twcert.org.tw/en/cp-139-8033-0a98f-2.html
https://www.twcert.org.tw/tw/cp-132-8028-360e1-1.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact