Rusi-Sec

**Name of the Vulnerable Software and Affected Versions** facileManager versions prior to 6.0.4 **Description** facileManager is a modular suite of web apps designed for system administrators. A reflected cross-site scripting (XSS) issue exists when the application processes data from an untrusted source and incorporates it into HTTP responses, potentially leading to security compromises. An attacker can inject malicious JavaScript code into a URL by including a script within a parameter. This vulnerability is present in the fmDNS module, specifically affecting the `log search query` parameter. **Recommendations** Update to version 6.0.4 or later.

**Name of the Vulnerable Software and Affected Versions** facileManager versions prior to 6.0.4 **Description** facileManager is a suite of web applications designed for system administrators. A stored cross-site scripting (XSS) issue exists in the fmDNS module. This type of attack occurs when an application receives data from an untrusted source and includes it in HTTP responses without proper sanitization. Stored XSS, also known as persistent or second-order XSS, allows malicious scripts to be stored on the target server and executed by other users. **Recommendations** Update to version 6.0.4 or later.