PT-2024-38614 · Exnet Informatics · Exnet Informatics Software Ferry Reservation System
Yağız Bi̇lgi̇li̇
·
Published
2024-09-23
·
Updated
2024-09-26
·
CVE-2024-7835
CVSS v4.0
8.8
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions
Exnet Informatics Software Ferry Reservation System versions prior to 240805-002
Description
The issue affects the Exnet Informatics Software Ferry Reservation System, allowing Reflected XSS due to Improper Neutralization of Input During Web Page Generation. This is a type of Cross-site Scripting vulnerability.
Recommendations
For versions prior to 240805-002, update the system to a version that includes the security patch to mitigate the risk of Reflected XSS. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Ensure that all user-generated content is properly sanitized before being displayed on the web page.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Exnet Informatics Software Ferry Reservation System