PT-2023-20791 · Monitorr · Monitorr

Published 2023-04-04 · Updated 2024-01-26 · CVE-2023-26776

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Monitorr version 1.7.6

Description

A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the title parameter of the "post receiver-services.php" file. This enables the attacker to inject malicious scripts into the website, potentially leading to unauthorized access or control.

Recommendations

For Monitorr version 1.7.6, avoid using the title parameter in the "post receiver-services.php" file until a patch is available. As a temporary workaround, consider restricting access to the "post receiver-services.php" file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-26776

Affected Products

Monitorr