CVE-2024-9147

Name of the Vulnerable Software and Affected Versions Bna Informatics PosPratik versions prior to 3.2.1

Description A Basic XSS vulnerability is found in Bna Informatics PosPratik, which fails to neutralize script-related HTML tags properly. This allows XSS through HTTP query strings.

Recommendations For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to HTTP query strings to minimize the risk of exploitation. Avoid using user-supplied input in HTTP query strings until the issue is resolved.