PT-2022-21304 · Softr · Softr

Published: 2022-10-27 · Updated: 2022-10-28 · CVE-2022-32407

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Softr version 2.0

Description

A Cross-Site Scripting (XSS) issue was found, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload. The vulnerability is exploited through the First Name parameter under the Create A New Account module.

Recommendations

For Softr version 2.0, consider restricting access to the Create A New Account module until a fix is available, and avoid using the First Name parameter in this context to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2022-32407

Affected Products

Softr