PT-2023-24334 · Minical · Minical

Thirukrishnan

·

Publicado

2023-06-05

·

Atualizado

2025-01-08

·

CVE-2023-33408

CVSS v3.1

5.4

Média

VetorAV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Minical version 1.0.0
Description The issue is related to Cross Site Scripting (XSS) and is caused by insufficient input validation in the application's user input handling in the security helper.php file.
Recommendations For Minical version 1.0.0, ensure proper input validation is implemented in the security helper.php file to prevent XSS attacks. As a temporary workaround, consider restricting user input handling until a patch is available.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2023-33408

Produtos afetados

Minical