CVE-2022-45225

Name of the Vulnerable Software and Affected Versions Book Store Management System version 1.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the book title parameter in the "/bsms ci/index.php/book" API endpoint.

Recommendations For Book Store Management System version 1.0, as a temporary workaround, consider restricting access to the "/bsms ci/index.php/book" endpoint or sanitizing the book title parameter to prevent injection of malicious payloads. At the moment, there is no information about a newer version that contains a fix for this vulnerability.