A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component Login Page. The manipulation of the argument emailcookie/passwordcookie leads to cross site scripting.
This vulnerability was named CVE-2024-2266. The attack can be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.