CVE-2022-28078

Name of the Vulnerable Software and Affected Versions Home Owners Collection Management version 1

Description A reflected cross-site scripting (XSS) issue was found in the Admin panel. The vulnerability is exploited via the page parameter in the $ GET request. This allows an attacker to inject malicious scripts into the webpage, potentially leading to unauthorized actions or data theft.

Recommendations For Home Owners Collection Management version 1, as a temporary workaround, consider restricting access to the Admin panel or sanitizing the page parameter in the $ GET request to prevent malicious script injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.