PT-2024-40380 · Softwarex · Softwarex
Published
2024-05-23
·
Updated
2024-05-23
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SoftwareX versions prior to 3.1.14
Description
The issue arises during installation, where certain parameters (
admin username and admin password) are not properly escaped in the setup form.Recommendations
For versions prior to 3.1.14, update to version 3.1.14 or later and remove the specified file prior to deploying to a production server.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Softwarex