Yns

**Name of the Vulnerable Software and Affected Versions** EJ3 TOPo version 2.2.178 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `gTopNombre` parameter in the inc header.php file. **Recommendations** For version 2.2.178, avoid using the `gTopNombre` parameter in the affected API endpoint until the issue is resolved.