PT-2020-10389 · Php Scripts Mall · Advanced-Real-Estate-Script
Published: 2020-01-05 · Updated: 2020-01-09 · CVE-2019-20336
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
PHP Scripts Mall advanced-real-estate-script version 4.0.9
Description
The searchtext parameter in the "search-results.php" endpoint is vulnerable to XSS. This means an attacker could potentially inject malicious scripts into the website, affecting users who visit the page.
Recommendations
For version 4.0.9, consider validating and sanitizing the searchtext parameter in the "search-results.php" endpoint to prevent XSS attacks. As a temporary workaround, restrict access to the search functionality until a proper fix is applied.
Exploit
Fix
XSS
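The recommendation above, sketched as an added example; this is not the vendor's code, which the entry does not show. The function names, the 100-character limit and the sample requests are assumptions, and the mbstring extension is assumed to be loaded.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for the search handler: the vendor's code is not shown
// on the page, so every function name and the 100-character limit are assumptions.

/** Validate the raw searchtext value; return the cleaned string or null to reject. */
function normalize_searchtext($raw): ?string
{
    // Reject arrays (searchtext[]=x) and invalid UTF-8 before any string handling.
    if (!is_string($raw) || !mb_check_encoding($raw, 'UTF-8')) {
        return null;
    }
    $text = trim($raw);
    if ($text === '' || mb_strlen($text, 'UTF-8') > 100) {
        return null;
    }
    // Control characters have no place in a search term.
    return preg_match('/[\x00-\x1F\x7F]/', $text) === 1 ? null : $text;
}

/** Encode for HTML text and quoted-attribute contexts (not for script or URL contexts). */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Build the page fragment; validation is defense in depth, encoding at output is the fix. */
function render_search_page(array $query): string
{
    $text = normalize_searchtext($query['searchtext'] ?? null);
    if ($text === null) {
        return "<p>Please enter a valid search term.</p>\n";
    }
    return '<input type="text" name="searchtext" value="' . h($text) . "\">\n"
         . '<p>Results for: ' . h($text) . "</p>\n";
}

// Constructed sample requests: a normal term, markup, an attribute breakout, an array.
$samples = [
    ['searchtext' => '2 bedroom flat'],
    ['searchtext' => '<b>villa</b>'],
    ['searchtext' => 'loft" data-x="1'],
    ['searchtext' => ['unexpected', 'array']],
];
foreach ($samples as $query) {
    echo render_search_page($query), "\n";
}
```

Run with the PHP CLI, the markup and quote samples come back as inert text (&lt;b&gt;, &quot;) in both the attribute and the paragraph, and the array input is rejected.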
Affected Products
Advanced-Real-Estate-Script