PT-2024-13634 · Wwbn · Avideo

Claudio Bozzato · Published 2024-01-10 · Updated 2024-01-17 · CVE-2023-48730

CVSS v3.1: 8.5 (High)

Vector: AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

WWBN AVideo dev master commit 15fed957fb

Description

A cross-site scripting (XSS) issue exists in the navbarMenuAndLogo.php user name functionality. This allows an attacker to execute arbitrary JavaScript code through a specially crafted HTTP request. An attacker can exploit this by getting a user to visit a malicious webpage.

Recommendations

For WWBN AVideo dev master commit 15fed957fb, consider disabling the user name functionality in navbarMenuAndLogo.php until a patch is available to prevent arbitrary JavaScript execution. Restrict access to this functionality to minimize the risk of exploitation. Avoid using the user name field in the navbarMenuAndLogo.php file until the issue is resolved.

Fix

XSS


Weakness Enumeration

Related Identifiers

CVE-2023-48730

Affected Products

Avideo