Anxxhzz

**Name of the Vulnerable Software and Affected Versions** Cowell enterprise travel management system (affected versions not specified) **Description** The issue is related to insufficient filtering for special characters within web URLs, allowing an unauthenticated remote attacker to inject JavaScript and perform a Reflected Cross-Site Scripting attack. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.