Tfdi Design · Tfdi Design Smartcars 3 · CVE-2023-33780
**Name of the Vulnerable Software and Affected Versions**
TFDi Design smartCARS 3 versions 0.7.0 and below
**Description**
A stored cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the body of a news article.
**Recommendations**
For versions 0.7.0 and below, update to a version above 0.7.0 to resolve the issue.
As a temporary workaround, consider restricting user input in news articles to minimize the risk of exploitation.