Laolisafe

**Name of the Vulnerable Software and Affected Versions** kimsQ Rb version 2.3.0 **Description** The issue allows for XSS via the second input field to the "/?r=home&mod=mypage&page=info" API endpoint. **Recommendations** For version 2.3.0, consider restricting access to the "/?r=home&mod=mypage&page=info" API endpoint until a patch is available. As a temporary workaround, avoid using the second input field in this endpoint to minimize the risk of exploitation.