Fiserv · Fiserv Accurate Reconciliation · CVE-2020-8952
**Name of the Vulnerable Software and Affected Versions**
Fiserv Accurate Reconciliation versions prior to 3.0.0
**Description**
The `timeOut` parameter of the `logout.jsp` endpoint is vulnerable to cross-site scripting (XSS). Exploitation could lead to malicious script execution on the client side, in the user's browser.
**Recommendations**
For versions prior to 3.0.0, update to version 3.0.0 or higher to resolve the issue. As a temporary workaround, consider restricting access to the `logout.jsp` endpoint or avoiding the use of the `timeOut` parameter until the update is applied.
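
Until the update is applied, web-server access logs can show whether `logout.jsp` is being requested with a `timeOut` value at all, and with what content. The Python script below is an added example, not part of the advisory or of any vendor code. The log format (Combined Log Format), the sample lines, and the assumption that a legitimate `timeOut` value is a plain integer are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in Combined Log Format (not from a real system).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Mar/2020:10:00:01 +0000] "GET /app/logout.jsp?timeOut=30 HTTP/1.1" 200 512
10.0.0.9 - - [01/Mar/2020:10:02:17 +0000] "GET /app/logout.jsp?timeOut=%3Cx%3E HTTP/1.1" 200 540
10.0.0.9 - - [01/Mar/2020:10:02:40 +0000] "GET /app/LOGOUT.JSP;jsessionid=A1?timeOut=%253Cx%253E HTTP/1.1" 200 540
10.0.0.7 - - [01/Mar/2020:10:05:00 +0000] "GET /app/login.jsp?timeOut=%3Cx%3E HTTP/1.1" 200 900
10.0.0.7 - - [01/Mar/2020:10:06:00 +0000] "GET /app/logout.jsp HTTP/1.1" 200 500
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so double-encoded values are not missed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return (client, verdict, value) for logout.jsp hits carrying timeOut, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target = m.groups()
    parts = urlsplit(target)
    path = parts.path.split(";", 1)[0].lower()  # drop ;jsessionid=..., ignore case
    if not path.endswith("/logout.jsp"):
        return None
    for name, raw in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() == "timeout":
            value = fully_decode(raw)
            # Assumption: a legitimate timeOut is ASCII digits only.
            verdict = "expected" if re.fullmatch(r"[0-9]+", value) else "suspicious"
            return client, verdict, value
    return None

def scan(log_text):
    return [hit for hit in map(classify, log_text.splitlines()) if hit]

if __name__ == "__main__":
    for client, verdict, value in scan(SAMPLE_LOG):
        print(f"{verdict:10} {client:10} timeOut={value!r}")
```

Any "suspicious" hit is a candidate for review. If the deployment never legitimately passes `timeOut`, every hit from `scan` is worth a look.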