CVE-2024-13021

Name of the Vulnerable Software and Affected Versions SourceCodester Road Accident Map Marker version 1.0

Description A problematic issue has been found in the software, affecting some unknown functionality of the file /endpoint/add-mark.php. The manipulation of the mark name/details argument leads to cross site scripting. The attack may be launched remotely. Other parameters might be affected as well.

Recommendations For version 1.0, consider disabling access to the /endpoint/add-mark.php file until a patch is available. As a temporary workaround, avoid using the mark name/details argument in the affected endpoint to minimize the risk of exploitation. Restrict access to the vulnerable functionality to minimize the risk of remote attacks.