CVE-2023-36139

Name of the Vulnerable Software and Affected Versions PHPJabbers Cleaning Business Software version 1.0

Description The issue allows remote attackers to take over accounts due to a lack of verification when changing an email address and/or password on the Profile Page.

Recommendations For PHPJabbers Cleaning Business Software version 1.0, consider temporarily restricting access to the Profile Page until a proper verification mechanism for email address and password changes is implemented. As a mitigation measure, restrict the ability to change email addresses and passwords to minimize the risk of account takeover. At the moment, there is no information about a newer version that contains a fix for this vulnerability.