CVE-2023-0785

Name of the Vulnerable Software and Affected Versions SourceCodester Best Online News Portal version 1.0

Description A vulnerability was found in the file check availability.php, where the manipulation of the username argument leads to exposure of sensitive information through data queries. The attack can be launched remotely and has a rather high complexity, making exploitation difficult. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider restricting access to the check availability.php file until a patch is available. As a temporary workaround, avoid using the username argument in the affected functionality to minimize the risk of exploitation.