CVE-2018-1000868

Name of the Vulnerable Software and Affected Versions: WeBid versions up to 1.2.2

Description: The issue allows for Javascript execution in the user's browser and injection of malicious markup into the page due to a Cross Site Scripting (XSS) vulnerability in files such as user login.php and register.php. This can be exploited when a victim user clicks a malicious link.

Recommendations: For WeBid versions up to 1.2.2, update to a version that includes the fix committed after 256a5f9d3eafbc477dcf77c7682446cc4b449c7f to resolve the issue. As a temporary workaround, consider avoiding clicks on suspicious links to minimize the risk of exploitation.