
Cedric1314

#18305 of 53,638
14.9 CVSS total
Vulnerabilities · 2
Medium: 1
High: 1
PT-2023-15504
8.8
2023-02-01
Maccms10 · Maccms10 · CVE-2022-47872
**Name of the Vulnerable Software and Affected Versions**

maccms10 version 2021.1000.2000

**Description**

A Server-Side Request Forgery (SSRF) issue allows attackers to force the application to make arbitrary requests via a crafted payload injected into the `Name` parameter under the Interface address module.

**Recommendations**

For version 2021.1000.2000, consider restricting access to the Interface address module to minimize the risk of exploitation. As a temporary workaround, avoid using the `Name` parameter in the affected module until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2023-14563
6.1
2023-01-06
Maccms10 · Maccms10 · CVE-2022-44870
**Name of the Vulnerable Software and Affected Versions**

maccms10 version 2022.1000.3032

**Description**

A reflected cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `Name` parameter under the AD Management module.

**Recommendations**

For maccms10 version 2022.1000.3032, avoid using the `Name` parameter in the AD Management module until a fix is available. As a temporary workaround, consider restricting access to the AD Management module to minimize the risk of exploitation.