CVE-2017-7205

Name of the Vulnerable Software and Affected Versions GamePanelX-V3 version 3.0.12

Description A Cross-Site Scripting issue was discovered due to insufficient filtration of user-supplied data passed to the "GamePanelX-V3-master/ajax/ajax.php" API endpoint. This allows an attacker to execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Recommendations For GamePanelX-V3 version 3.0.12, consider restricting access to the "GamePanelX-V3-master/ajax/ajax.php" API endpoint until a fix is available. As a temporary workaround, ensure proper filtration of user-supplied data to prevent the execution of arbitrary code. At the moment, there is no information about a newer version that contains a fix for this issue.