PT-2024-15481 · Codeastro · Codeastro Vehicle Booking System

Vipindas · Published 2024-01-09 · Updated 2024-05-17 · CVE-2024-0345

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

CodeAstro Vehicle Booking System version 1.0

Description

A problematic issue was found in the User Registration component, specifically in the file usr/usr-register.php. The manipulation of the Full Name, Last Name, or Address arguments with malicious input, such as <script>alert(document.cookie)</script>, leads to cross-site scripting. This issue can be exploited remotely.

Recommendations

For CodeAstro Vehicle Booking System version 1.0, consider disabling the User Registration component, specifically the file usr/usr-register.php, until a patch is available. Restrict access to the usr/usr-register.php file to minimize the risk of exploitation. Avoid using the Full Name, Last Name, and Address arguments in the affected component until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2024-0345

Affected Products

Codeastro Vehicle Booking System