CVE-2023-31816

Name of the Vulnerable Software and Affected Versions IT Sourcecode Content Management System Project In PHP and MySQL With Source Code version 1.0.0

Description The issue concerns a Cross Site Scripting (XSS) vulnerability. This vulnerability can be exploited via the "/ecodesource/search list.php" API endpoint. Cross Site Scripting (XSS) is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, which are then executed by the user's browser. This can allow the attacker to steal user data, take control of the user's session, or perform other malicious actions.

Recommendations For IT Sourcecode Content Management System Project In PHP and MySQL With Source Code version 1.0.0, as a temporary workaround, consider restricting access to the "/ecodesource/search list.php" endpoint until a patch is available. Avoid using this endpoint in a way that could allow an attacker to inject malicious scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.