CVE-2023-31546

Name of the Vulnerable Software and Affected Versions DedeBIZ version 6.0.3

Description The issue allows attackers to run arbitrary code via the search feature. This is a Cross Site Scripting (XSS) issue, which means attackers can execute scripts in the context of another user's session, potentially leading to unauthorized actions.

Recommendations For DedeBIZ version 6.0.3, as a temporary workaround, consider disabling the search feature until a patch is available. Restrict access to the search functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.