CVE-2023-3540

Name of the Vulnerable Software and Affected Versions SimplePHPscripts NewsLetter Script PHP version 2.4

Description A problematic issue was found in the URL Parameter Handler component, specifically in the /preview.php file, allowing for cross site scripting. The attack can be launched remotely, affecting an unknown function.

Recommendations For version 2.4, consider disabling the URL Parameter Handler component or restricting access to the /preview.php file until a fix is available. Avoid using potentially vulnerable URL parameters in the affected endpoint. At the moment, there is no information about a newer version that contains a fix for this issue.