Jianlinwei

**Name of the Vulnerable Software and Affected Versions** jianlinwei cool-php-captcha versions up to 0.2 **Description** A problematic vulnerability was found in the example-form.php file, where the manipulation of the `captcha` argument with the input `%3Cscript%3Ealert(1)%3C/script%3E` leads to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** Upgrading to version 0.3 is able to address this issue. It is recommended to upgrade the affected component. As a temporary workaround, consider restricting the input for the `captcha` argument to prevent cross-site scripting attacks.