CVE-2018-13039

Name of the Vulnerable Software and Affected Versions OpenSID version 18.06-pasca

Description The issue is related to reflected Cross Site Scripting (XSS) that can be triggered via the cari parameter in an index.php/first?cari= URI. This allows for potential malicious script injection.

Recommendations For OpenSID version 18.06-pasca, avoid using the cari parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the index.php/first endpoint to minimize the risk of exploitation.