CVE-2024-44661

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0

Description The PHPGurukul Online Shopping Portal is susceptible to a Cross Site Scripting (XSS) issue. This flaw is located in the my-cart.php file and specifically affects the quantity parameter. Successful exploitation could allow an attacker to inject malicious scripts into the web page viewed by other users.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, sanitize the quantity parameter in the my-cart.php file to prevent the injection of malicious scripts.