{
  "id": "CVE-2024-24041",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-02-01T20:50:05.760",
  "lastModified": "2024-02-01T21:30:44.493",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/tubakvgc/CVE/blob/main/Travel_Journal_App.md",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://portswigger.net/web-security/cross-site-scripting",
      "source": "cve@mitre.org"
    }
  ]
}