CVE-2024-9033

Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0

Description: A vulnerability has been found in the system, classified as problematic, affecting an unknown functionality of the file /ajax.php?action=save category. The manipulation of the name argument leads to cross-site scripting. The attack can be launched remotely. This issue poses risks such as data theft and site defacement.

Recommendations: For version 1.0, patch the system and validate input on the backend to prevent exploitation. As a temporary workaround, consider restricting access to the /ajax.php?action=save category endpoint until a patch is available. Additionally, avoid using the name argument in the affected endpoint until the issue is resolved.