Armysick

**Name of the Vulnerable Software and Affected Versions** EasyVista Service Manager version 2018.1.181.1 **Description** The issue is related to a Cross Site Scripting (XSS) vulnerability in the New equipment page. This vulnerability allows remote attackers to run arbitrary code via the `notes` field. **Recommendations** For EasyVista Service Manager version 2018.1.181.1, consider restricting access to the New equipment page or disabling the `notes` field until a fix is available.