CVE-2024-12000

Name of the Vulnerable Software and Affected Versions code-projects Blood Bank System version 1.0

Description A problem has been found in the Setting Handler component, specifically in the /controllers/updatesettings.php file. The issue affects some unknown processes and can be exploited remotely. Manipulation of the firstname argument leads to cross-site scripting. Other parameters may also be affected.

Recommendations For code-projects Blood Bank System version 1.0, as a temporary workaround, consider restricting access to the /controllers/updatesettings.php file until a patch is available. Additionally, avoid using the firstname argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.