CVE-2024-7359

Name of the Vulnerable Software and Affected Versions SourceCodester Tracking Monitoring Management System version 1.0

Description A vulnerability was found in the system, affecting some unknown functionality of the file "/ajax.php?action=save establishment". The manipulation of the name argument leads to cross-site scripting. The attack may be launched remotely.

Recommendations For version 1.0, patch immediately and validate all user input to prevent unauthorized access and data theft. As a temporary workaround, consider restricting access to the "/ajax.php?action=save establishment" endpoint until a patch is available.