Andries

**Name of the Vulnerable Software and Affected Versions** rahman SelectCours version 1.0 **Description** A vulnerability has been found in the function `getCacheNames` of the file `CacheController.java` of the component Template Handler. The manipulation of the argument `fragment` leads to injection. The attack can be launched remotely. **Recommendations** For version 1.0, consider disabling the `getCacheNames` function until a patch is available to prevent exploitation. Restrict access to the Template Handler component to minimize the risk of injection attacks. Avoid using the `fragment` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.