CVE-2022-43016

Name of the Vulnerable Software and Affected Versions OpenCATS version 0.9.6

Description The issue is related to a reflected cross-site scripting (XSS) vulnerability in the callback component of OpenCATS. This vulnerability can be exploited by a remote attacker to conduct cross-site scripting attacks, potentially allowing them to execute malicious scripts on the victim's browser. The vulnerability is associated with the failure to protect the web page structure.

Recommendations For OpenCATS version 0.9.6, consider disabling the callback component as a temporary workaround until a patch is available. Restrict access to the callback component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.