PT-2024-19310 · Unknown · Cybernetikz Post Views Stats

Dimas Maulana

Published

2024-01-31

Updated

2024-02-06

CVE-2024-22289

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions cybernetikz Post views Stats versions n/a through 1.3

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in cybernetikz Post views Stats.

Recommendations For versions n/a through 1.3, update to a version that fixes the Improper Neutralization of Input During Web Page Generation issue to prevent Reflected XSS attacks. As a temporary workaround, consider restricting user input to prevent malicious scripts from being injected into the web page generation process.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2024-22289

Affected Products

Cybernetikz Post Views Stats

PT-2024-19310 · Unknown · Cybernetikz Post Views Stats

CVE-2024-22289

Weakness Enumeration

Related Identifiers

Affected Products

References · 6