CVE-2024-2276

Name of the Vulnerable Software and Affected Versions Bdtask G-Prescription Gynaecology & OBS Consultation Software version 1.0

Description A vulnerability has been found in the software, classified as problematic. It affects an unknown functionality of the file /Venue controller/edit venue/ of the component Edit Venue Page. The manipulation of the Venue map argument leads to cross-site scripting. The attack can be launched remotely.

Recommendations For Bdtask G-Prescription Gynaecology & OBS Consultation Software version 1.0, consider restricting access to the Edit Venue Page, specifically the /Venue controller/edit venue/ file, to minimize the risk of exploitation. As a temporary workaround, avoid using the Venue map argument in the affected component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.