CVE-2023-3785

Name of the Vulnerable Software and Affected Versions PaulPrinting CMS version 2018

Description A vulnerability was found in the software, allowing for cross-site scripting through the manipulation of the firstname, lastname, address, city, and state arguments. The attack can be launched remotely.

Recommendations For PaulPrinting CMS version 2018, consider disabling the functionality that handles the firstname, lastname, address, city, and state arguments until a patch is available. Restrict access to the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.