CVE-2024-0262

Name of the Vulnerable Software and Affected Versions Online Job Portal version 1.0

Description A problematic issue was found in the Create News Page component, specifically in the /Admin/News.php file. The manipulation of the News argument with malicious input, such as </title><scRipt>alert(0x00C57D)</scRipt>, leads to cross-site scripting. This issue can be exploited remotely.

Recommendations For Online Job Portal version 1.0, as a temporary workaround, consider restricting access to the /Admin/News.php file and the Create News Page component to minimize the risk of exploitation. Avoid using the News argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.