CVE-2024-39090 Information

Description

The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user’s session potentially leading to account takeover.

Reference

https://github.com/arijitdirghanji/My-CVEs/blob/main/CVE-2024-39090.md