CVE-2023-25241

Name of the Vulnerable Software and Affected Versions bgERP version 22.31

Description A reflected cross-site scripting (XSS) issue was found, which can be exploited via the Search parameter. This allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions or data theft.

Recommendations For bgERP version 22.31, as a temporary workaround, consider restricting access to the Search parameter until a patch is available. Avoid using the Search parameter in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.