PT-2023-24969 · Unknown · Simplephpscripts Classified Ads Script
Skalvin
·
Published
2023-06-29
·
Updated
2024-05-17
·
CVE-2023-3465
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SimplePHPscripts Classified Ads Script version 1.8
Description
A vulnerability was found in the HTTP POST Request Handler component, specifically in the file user.php. The manipulation of the
title argument leads to cross-site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component.Recommendations
For SimplePHPscripts Classified Ads Script version 1.8, it is recommended to upgrade the affected component to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the
user.php file or disabling the HTTP POST Request Handler component until a patch is available.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simplephpscripts Classified Ads Script