CVE-2022-50965

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests that execute in victims' browsers.