CVE-2024-50545

Name of the Vulnerable Software and Affected Versions: Auburnforest DataMentor versions n/a through 1.7

Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This means that an attacker could potentially inject malicious scripts into the webpage, affecting the Document Object Model (DOM), which is the structure of the webpage.

Recommendations: For versions n/a through 1.7, consider disabling any functionality that allows user input to be directly reflected in the webpage generation process until a patch is available. Restrict access to sensitive areas of the webpage to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.