Ishibashi

**Name of the Vulnerable Software and Affected Versions** KENT-WEB WEB MART versions 1.7 and earlier **Description** A cross-site scripting (XSS) issue might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie. This could potentially lead to unauthorized actions on the affected web application. **Recommendations** For versions 1.7 and earlier, update to a version later than 1.7 to resolve the issue. As a temporary workaround, consider restricting access to sensitive cookies to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** KENT-WEB WEB FORUM versions 5.1 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via vectors related to the web page to be output. This could potentially lead to unauthorized access or control of user sessions. **Recommendations** For KENT-WEB WEB FORUM versions 5.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** KENT-WEB WEB FORUM versions 5.1 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via vectors related to cookies. This can lead to the execution of malicious scripts on the client-side. **Recommendations** For versions 5.1 and earlier, update to a version later than 5.1 to resolve the issue. As a temporary workaround, consider restricting access to cookies to minimize the risk of exploitation.