CVE-2023-3835

Name of the Vulnerable Software and Affected Versions Bug Finder MineStack version 1.0

Description A problematic issue has been discovered, affecting the Ticket Handler component, specifically an unknown part of the file /user/ticket/create. The manipulation of the message argument leads to cross-site scripting. This issue can be initiated remotely. The vendor was contacted about this disclosure but did not respond.

Recommendations For Bug Finder MineStack version 1.0, as a temporary workaround, consider restricting access to the /user/ticket/create file until a patch is available. Avoid using the message argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.