CVE-2022-50940

Name of the Vulnerable Software and Affected Versions Knap Advanced PHP Login version 3.1.3

Description The software contains a persistent cross-site scripting issue that allows remote attackers to inject malicious script code. The vulnerability exists in the name parameter. Successful exploitation could lead to the execution of arbitrary scripts in the users and activity log backend modules, potentially resulting in session hijacking and persistent phishing attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.