Filipposmastroo

**Name of the Vulnerable Software and Affected Versions** Codiad version 2.0.7 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `Project Name` field. This enables attackers to execute malicious scripts on the client-side, potentially leading to unauthorized actions or data theft. **Recommendations** For Codiad version 2.0.7, update the software to a version that fixes this issue, ensuring that user input in the `Project Name` field is properly sanitized to prevent XSS attacks. As a temporary workaround, consider restricting user input in the `Project Name` field to minimize the risk of exploitation.