CVE-2024-1700

Name of the Vulnerable Software and Affected Versions keerti1924 PHP-MYSQL-User-Login-System version 1.0

Description A problematic vulnerability was found in the keerti1924 PHP-MYSQL-User-Login-System. The issue affects an unknown function of the file /signup.php. By manipulating the username argument with malicious input, such as <script>alert("xss")</script>, it is possible to launch a cross-site scripting attack remotely. The exploit has been publicly disclosed.

Recommendations For keerti1924 PHP-MYSQL-User-Login-System version 1.0, as a temporary workaround, consider validating and sanitizing the username input to prevent cross-site scripting attacks. Restrict access to the /signup.php file until a proper fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.