望月 岳

**Name of the Vulnerable Software and Affected Versions** MODx versions prior to 0.9.6.3 **Description** The issue is related to multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vulnerabilities are related to the `preserveUrls` function and `username` input. **Recommendations** For MODx versions prior to 0.9.6.3, update to version 0.9.6.3 or later to resolve the issue. As a temporary workaround, consider restricting user input for the `username` field and disabling the `preserveUrls` function until a patch is applied. Avoid using the `username` input in sensitive areas of the application until the issue is resolved.