CVE-2024-9007

Name of the Vulnerable Software and Affected Versions: jeanmarc77 123solar version 1.8.4.5

Description: A problematic issue has been found in the software, affecting an unknown part of the file /detailed.php. The manipulation of the date1 argument leads to cross-site scripting. It is possible to initiate the attack remotely.

Recommendations: For version 1.8.4.5, apply the patch named 94bf9ab7ad0ccb7fbdc02f172f37f0e2ea08d48f to fix this issue. As a temporary workaround, consider restricting access to the /detailed.php file until the patch is applied. Avoid manipulating the date1 argument in the affected file to minimize the risk of exploitation.