Joseph Ernest

**Name of the Vulnerable Software and Affected Versions** JosephErnest Void versions prior to 2015-10-02 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URI. This occurs in the index.php file. **Recommendations** For versions prior to 2015-10-02, update to a version released after 2015-10-02 to resolve the issue. As a temporary workaround, consider validating and sanitizing all user-input data in the URI to prevent malicious script injections.