Fengniange

**Name of the Vulnerable Software and Affected Versions** timetec AWDMS version 2.0 **Description** A Cross Site Scripting issue allows an attacker to obtain sensitive information via a crafted payload to the `remark` parameter of the New Zone function. **Recommendations** For timetec AWDMS version 2.0, consider restricting access to the New Zone function until a patch is available. As a temporary workaround, avoid using the `remark` parameter in the New Zone function to minimize the risk of exploitation.