CVE-2023-46016

Name of the Vulnerable Software and Affected Versions Code-Projects Blood Bank version 1.0

Description The issue allows attackers to run arbitrary code via the search parameter in the application URL. This is due to a Cross Site Scripting (XSS) flaw in the abs.php file.

Recommendations For Code-Projects Blood Bank version 1.0, avoid using the search parameter in the application URL until the issue is resolved. As a temporary workaround, consider restricting access to the abs.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.