CVE-2023-3828

Name of the Vulnerable Software and Affected Versions Bug Finder Listplace Directory Listing Platform version 3.0

Description A vulnerability was found in the Bug Finder Listplace Directory Listing Platform, affecting an unknown part of the file /listplace/user/coverPhotoUpdate of the component Photo Handler. The manipulation of the user cover photo argument leads to cross-site scripting. It is possible to initiate the attack remotely.

Recommendations For version 3.0, as a temporary workaround, consider restricting access to the coverPhotoUpdate function in the Photo Handler component until a patch is available. Avoid using the user cover photo argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.