CVE-2023-7051

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Notes Sharing System version 1.0

Description A vulnerability was found in the PHPGurukul Online Notes Sharing System, affecting some unknown functionality of the file /user/manage-notes.php of the component Notes Handler. The manipulation of the delid argument leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For PHPGurukul Online Notes Sharing System version 1.0, consider disabling the delid argument in the /user/manage-notes.php file as a temporary workaround to minimize the risk of exploitation. Restrict access to the Notes Handler component to minimize the risk of exploitation. Avoid using the delid argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.