{"id":"CVE-2024-0726","details":"A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin_login.php of the component Admin Login Module. The manipulation of the argument msg with the input test%22%3Cscript%3Ealert(%27Torada%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251549 was assigned to this vulnerability.","modified":"2026-03-14T12:23:47.939939Z","published":"2024-01-19T18:15:08.350Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.251549"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.251549"},{"type":"EVIDENCE","url":"https://torada.notion.site/Reflected-Cross-site-scripting-at-Project-Allocation-System-d94c7c489c2d48efa23b21a90dd0e03f?pvs=4"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-0726.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}