PT-2018-16984 · Foxsash · Foxsash Imghosting
Dennis Veninga
Published: 2018-01-15
Updated: 2018-02-05
CVE-2018-5479
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
FoxSash ImgHosting version 1.5
Description
The issue allows for XSS attacks, specifically through the search engine function via the search parameter to the default URI. This could enable attackers to steal user and admin sessions by sending infected URLs, which would execute malicious code.
Recommendations
For FoxSash ImgHosting version 1.5, as a temporary workaround, consider disabling the search function until a patch is available. Restrict access to the user/admin login interface to minimize the risk of session theft. Avoid using the search parameter in the affected URI until the issue is resolved.
Exploit
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
Foxsash Imghosting