Snake_23

**Name of the Vulnerable Software and Affected Versions** Confixx version 3.1.2 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `login` parameter in the ftplogin/index.php file. **Recommendations** For Confixx version 3.1.2, update the ftplogin/index.php file to properly sanitize the `login` parameter to prevent arbitrary web script or HTML injection. As a temporary workaround, consider restricting access to the ftplogin/index.php file until a patch is available.