CVE-2019-25156

Name of the Vulnerable Software and Affected Versions dstar2018 Agency versions up to 61

Description A problematic vulnerability was found in an unknown functionality of the file search.php, where the manipulation of the argument QSType/QuickSearch leads to cross-site scripting. The attack can be launched remotely.

Recommendations For dstar2018 Agency versions up to 61, apply the patch 975b56953efabb434519d9feefcc53685fb8d0ab to fix this issue. As a temporary workaround, consider restricting access to the search.php file and the QSType/QuickSearch argument to minimize the risk of exploitation.