Abdul Muhaimin

**Name of the Vulnerable Software and Affected Versions** zulip/zulip versions 44f935695d452cc3fb16845a0c6af710438b153d through 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6 **Description** The issue is related to Cross-site Scripting (XSS) - Stored, which affects the GitHub repository zulip/zulip. This type of attack occurs when an application stores user input that contains malicious scripts, which are then executed by the application, allowing an attacker to perform unauthorized actions. **Recommendations** For versions 44f935695d452cc3fb16845a0c6af710438b153d through 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6, update to a version after 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6 to resolve the issue. As a temporary workaround, consider restricting user input to prevent the storage of malicious scripts until a patch is available.

**Name of the Vulnerable Software and Affected Versions** s-cart/core versions prior to 4.4 **Description** The issue concerns Cross-site Scripting (XSS) that can be exploited via the admin panel. **Recommendations** For versions prior to 4.4, update to version 4.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** s-cart/core versions prior to 4.4 **Description** The search functionality of the admin dashboard in the file core/src/Admin/Controllers/AdminOrderController.php is vulnerable to XSS. This issue affects the package s-cart/core. **Recommendations** For versions prior to 4.4, update to version 4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the search functionality in the admin dashboard until the update is applied.