Andyp138

**Name of the Vulnerable Software and Affected Versions** givanz Vvveb version 1.0.7.2 **Description** A security vulnerability exists in givanz Vvveb 1.0.7.2, affecting an unknown part of the `app/template/user/login.tpl` file. Manipulation of the `Email/Password` argument can lead to cross-site scripting. The attack can be executed remotely. **Recommendations** Apply the patch `bbd4c42c66ab818142240348173a669d1d2537fe` to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** givanz Vvveb version 1.0.6.1 **Description** A vulnerability exists in givanz Vvveb that allows for session fixation. The attack can be launched remotely and the exploit has been publicly disclosed. **Recommendations** Upgrade to version 1.0.7 to address this issue.