CVE-2023-3556

Name of the Vulnerable Software and Affected Versions GZ Scripts Car Listing Script PHP version 1.8

Description A vulnerability was found in the file /preview.php, where the manipulation of the page/sort by argument leads to cross-site scripting. The attack can be initiated remotely. The vendor was contacted about this disclosure but did not respond.

Recommendations For GZ Scripts Car Listing Script PHP version 1.8, as a temporary workaround, consider restricting access to the /preview.php file until a patch is available. Avoid using the page/sort by argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.