CVE-2024-8411

LOW 3.5

ABCD ABCD2 buscar_integrada.php cross site scripting

CVSS Score

3.5

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability was determined in ABCD ABCD2 up to 2.2.0-beta-1. Impacted is an unknown function of the file /buscar_integrada.php. Executing a manipulation of the argument Sub_Expresion can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The developer explains, that "this script has been completely redesigned after this version".

CWE	CWE-79 CWE-94
Vendor	abcd
Product	abcd2
Published	Sep 4, 2024
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for abcd abcd2

Be the first to know when new low vulnerabilities affecting abcd abcd2 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

ABCD / ABCD2

2.2.0-beta-1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.276491 vuldb.com: https://vuldb.com/?ctiid.276491 vuldb.com: https://vuldb.com/?submit.398843 github.com: https://github.com/peritocibernetico/ABCD_Vulnerabilities

Credits

🔍 peritocibernetico (VulDB User)