
Belguinan

#43349 of 53,633
6.1 CVSS total
Vulnerabilities · 1
PT-2019-14218
6.1
2019-08-26
Laravel · Laracom · CVE-2019-15489
**Name of the Vulnerable Software and Affected Versions**

laracom (aka Laravel FREE E-Commerce Software) version 1.4.11

**Description**

The issue is related to a Cross-site Scripting vulnerability. It occurs via the search query, where the `search?q=` parameter is vulnerable to XSS attacks. No information is provided about the estimated number of potentially affected devices or real-world incidents.

**Recommendations**

For version 1.4.11, as a temporary workaround, consider restricting access to the search functionality until a patch is available. Avoid using the `search?q=` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.