Douhine Davy

**Name of the Vulnerable Software and Affected Versions** TWiki versions prior to 5.0.1 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The injection can occur via the `rev` parameter to the view script or the query string to the login script. **Recommendations** For versions prior to 5.0.1, update to version 5.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the view and login scripts until the update is applied. Avoid using the `rev` parameter in the view script and minimize the use of the query string in the login script until the issue is resolved.