CVE-2023-6027

Name of the Vulnerable Software and Affected Versions elijaa/phpmemcachedadmin version 1.3.0

Description A critical flaw has been identified, specifically related to a stored XSS vulnerability, allowing malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled entries in the "/pmcadmin/configure.php" parameter.

Recommendations For version 1.3.0, consider disabling access to the "/pmcadmin/configure.php" endpoint until a patch is available to prevent exploitation of the stored XSS vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.