CVE-2024-24041 Information

Description

A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php.

Reference

https://portswigger.net/web-security/cross-site-scripting https://github.com/tubakvgc/CVE/blob/main/Travel_Journal_App.md