CVE-2024-41347

Name of the Vulnerable Software and Affected Versions openflights commit 5234b5b

Description The issue is related to Cross-Site Scripting (XSS) via the php/settings.php file. This allows for potential malicious script execution. No information is provided about the estimated number of affected devices or real-world incidents.

Recommendations For openflights commit 5234b5b, consider restricting access to the php/settings.php file until a fix is available. As a temporary workaround, avoid using the vulnerable php/settings.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.