Anil Celi̇k

**Name of the Vulnerable Software and Affected Versions** Bookreen versions prior to 3.0.0 **Description** The issue is related to an Incomplete List of Disallowed Inputs vulnerability in Bookreen, which allows Privilege Escalation. **Recommendations** For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iDisplay PlatPlay DS versions prior to 3.14 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially affecting users who access the compromised page. **Recommendations** For versions prior to 3.14, update to version 3.14 or later to resolve the issue. As a temporary workaround, consider restricting user input to prevent malicious scripts from being injected into the web page.