CVE-2024-42790

Name of the Vulnerable Software and Affected Versions Kashipara Music Management System version 1.0

Description A Reflected Cross Site Scripting (XSS) issue was found in the "/music/index.php?page=test" endpoint, allowing remote attackers to execute arbitrary code via the page parameter. This enables attackers to compromise the application and user data.

Recommendations For Kashipara Music Management System version 1.0, as a temporary workaround, consider validating and sanitizing the page parameter in the "/music/index.php?page=test" endpoint to prevent XSS attacks. Additionally, restrict access to this endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.