CVE-2024-56235

Name of the Vulnerable Software and Affected Versions Coupon versions 1.2.1 and earlier

Description The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could potentially inject malicious scripts into the website, affecting users who interact with the compromised page. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the vulnerability of the Coupon plugin to DOM-Based XSS.

Recommendations For versions 1.2.1 and earlier, update to a version that contains a fix for this issue, as the current version is affected by the DOM-Based XSS vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.