CVE-2024-46300

Name of the Vulnerable Software and Affected Versions itsourcecode Placement Management System version 1.0

Description The issue is related to Cross Site Scripting (XSS) via the Full Name field in registration.php. This allows for potential malicious script injection. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For itsourcecode Placement Management System version 1.0, consider disabling the Full Name field in registration.php as a temporary workaround until a patch is available. Restrict access to the registration.php page to minimize the risk of exploitation. Avoid using the Full Name field in the affected registration.php page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.