CVE-2022-43018

Name of the Vulnerable Software and Affected Versions OpenCATS version 0.9.6

Description The issue is related to a reflected cross-site scripting (XSS) vulnerability in the Check Email function of OpenCATS. This vulnerability can be exploited via the email parameter, potentially allowing a remote attacker to conduct cross-site scripting attacks. The vulnerability is associated with a lack of protection for the web page structure.

Recommendations For OpenCATS version 0.9.6, as a temporary workaround, consider restricting the use of the email parameter in the Check Email function until a patch is available. Avoid using the email parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.