CVE-2024-12932
low-risk
Published 2024-12-26
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file addSizeController.php. The manipulation of the argument size leads to cross site scripting. The attack can be launched remotely.
Do I need to act?
-
0.17% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.5/10
Low
NETWORK
/ LOW complexity
Affected Products (1)
Simple Admin Panel
Affected Vendors
References (5)
Product
https://code-projects.org/
Permissions Required
https://vuldb.com/?ctiid.289285
Third Party Advisory
https://vuldb.com/?id.289285
Third Party Advisory
https://vuldb.com/?submit.468123
22
/ 100
low-risk
Severity
16/34 · Moderate
Exploitability
1/34 · Minimal
Exposure
5/34 · Minimal