CVE-2023-2372

Name of the Vulnerable Software and Affected Versions SourceCodester Online DJ Management System version 1.0

Description A problematic issue has been found in the system, affecting some unknown functionality of the file classes/Master.php?f=save event. The manipulation of the name argument leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider disabling the functionality related to the classes/Master.php?f=save event file until a patch is available. Restrict access to this file to minimize the risk of exploitation. Avoid using the name argument in the affected API endpoint until the issue is resolved.