CVE-2024-37625

Name of the Vulnerable Software and Affected Versions zhimengzhe iBarn version 1.5

Description A reflected cross-site scripting (XSS) issue was discovered, which can be exploited via the search parameter at the "/index.php" API endpoint. This allows for potentially malicious scripts to be executed.

Recommendations For zhimengzhe iBarn version 1.5, as a temporary workaround, consider restricting access to the /index.php endpoint or sanitizing the search parameter to prevent XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.