PT-2024-17225 · Sourcecodester · Best House Rental Management System

Yasser Alshammari +1 · Published 2024-11-26 · Updated 2024-12-04 · CVE-2024-11743

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0

Description: A vulnerability was found in the system, affecting an unknown function of the file "/rental/ajax.php?action=delete user" of the component POST Request Handler. The manipulation leads to cross-site request forgery. The attack can be launched remotely.

Recommendations: For version 1.0, as a temporary workaround, consider disabling the delete user function in the "/rental/ajax.php?action=delete user" endpoint until a patch is available. Restrict access to the vulnerable POST Request Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration: Missing Authorization, CSRF

Related Identifiers: CVE-2024-11743

Affected Products: Best House Rental Management System