CVE-2024-6526

Name of the Vulnerable Software and Affected Versions CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03

Description A problematic vulnerability has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap. The manipulation of the argument search title/catName/sub/name/categorie leads to cross-site scripting. It is possible to initiate the attack remotely. Increased actor activities are shown targeting this software.

Recommendations To fix this issue, it is recommended to apply a patch. At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the vulnerable argument search title/catName/sub/name/categorie to minimize the risk of exploitation.