CVE-2018-15188

Name of the Vulnerable Software and Affected Versions PHP Scripts Mall advanced-real-estate-script version 4.0.9

Description The issue allows remote attackers to cause a denial of service, resulting in page structure loss, by injecting crafted JavaScript code into the Name field of a user profile.

Recommendations For PHP Scripts Mall advanced-real-estate-script version 4.0.9, consider validating and sanitizing user input in the Name field to prevent the injection of malicious JavaScript code as a temporary workaround. Restrict access to profile editing features to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.