PT-2022-26772 · Unknown · Password Storage Application

Published: 2022-11-17 · Updated: 2025-04-29 · CVE-2022-43142

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Password Storage Application version 1.0

Description: A cross-site scripting (XSS) vulnerability in the add-fee.php component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter. This issue enables attackers to potentially steal user data or take control of user sessions.

Recommendations: For Password Storage Application version 1.0, consider disabling the add-fee.php component until a patch is available to prevent exploitation of the XSS vulnerability. Restrict access to the cmddept parameter to minimize the risk of arbitrary script execution.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2022-43142

Affected Products

Password Storage Application