CVE-2024-48623

Name of the Vulnerable Software and Affected Versions DomainMOD versions prior to 4.12.0

Description The issue is related to a reflected Cross Site Scripting (XSS) vulnerability in the queueindex.php file of DomainMOD. The list id and domain id parameters in the GET request can be exploited to cause this issue.

Recommendations For versions prior to 4.12.0, update to version 4.12.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the queueindex.php file or validating and sanitizing the list id and domain id parameters in the GET request to minimize the risk of exploitation.