CVE-2022-30464

Name of the Vulnerable Software and Affected Versions ChatBot App with Suggestion in PHP/OOP version 1.0

Description The issue is related to Cross Site Scripting (XSS) via the /simple chat bot/classes/Master.php?f=save response API endpoint. This allows for potential malicious script injection. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations For ChatBot App with Suggestion in PHP/OOP version 1.0, consider disabling access to the /simple chat bot/classes/Master.php?f=save response endpoint until a patch is available. Avoid using the f parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.