Ziyan142857

**Name of the Vulnerable Software and Affected Versions** Pear-Admin-Boot versions up to 2.0.2 **Description** A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `Title` of a private message. This enables attackers to potentially manipulate the web application's behavior or steal user data. **Recommendations** For Pear-Admin-Boot versions up to 2.0.2, as a temporary workaround, consider restricting the ability to inject payloads into the `Title` of private messages until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.