Aleyna Kabal

**Name of the Vulnerable Software and Affected Versions** CityPLus versions prior to V24.29750.1.0 **Description** Improper neutralization of input during web page generation in CityPLus allows Reflected Cross-Site Scripting (XSS), a flaw where an application includes untrusted data in a web page without proper validation or escaping, allowing an attacker to execute malicious scripts in the victim's browser. **Recommendations** Update to version V24.29750.1.0 or later.

**Name of the Vulnerable Software and Affected Versions** CityPLus versions prior to 24.29500.1.0 **Description** An issue exists in Beyaz Bilgisayar Software Design Industry and Trade Ltd. Co. CityPLus that allows for the detection of unpublicized web pages, potentially leading to exposure of sensitive information to an unauthorized actor and system information to an unauthorized control sphere. **Recommendations** Update CityPLus to version 24.29500.1.0 or later.

**Name of the Vulnerable Software and Affected Versions** Vidco Software VOC TESTER versions prior to 12.34.8 **Description** The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This vulnerability allows Path Traversal in Vidco Software VOC TESTER. **Recommendations** For versions prior to 12.34.8, update to version 12.34.8 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive directories to minimize the risk of exploitation.