Akinerkisa

**Name of the Vulnerable Software and Affected Versions** Schlix CMS versions prior to 2.2.9-5 **Description** Schlix CMS is affected by a Cross-Site Scripting (XSS) issue. The root cause is a lack of javascript sanitization in the login form, which allows incorrect login attempts to be logged as XSS in the admin panel. **Recommendations** Update Schlix CMS to version 2.2.9-5 or later.

**Name of the Vulnerable Software and Affected Versions** htmly version 3.0.8 **Description** The application is susceptible to Cross Site Scripting (XSS) due to insufficient sanitization of user-supplied input. Specifically, the `/author/:name` API endpoint does not properly sanitize the `name` parameter before reflecting it in the HTML response. This allows attackers to inject arbitrary JavaScript payloads. **Recommendations** Apply proper input sanitization to the `name` parameter in the `/author/:name` endpoint.

Name of the Vulnerable Software and Affected Versions: Shaarli versions prior to 0.15.0 Description: Shaarli is a minimalist bookmark manager and link sharing service. Input strings in the cloud tag page are not properly sanitized, allowing premature closure of the `</title>` tag. This results in a reflected Cross-Site Scripting (XSS) issue. Recommendations: Update to version 0.15.0 or later.