Atpiuo

**Name of the Vulnerable Software and Affected Versions** EasySoft ZenTao version 11.6.4 **Description** The issue allows a remote attacker to execute arbitrary code via the `lastComment` parameter, which is related to a Cross Site Scripting vulnerability. **Recommendations** For EasySoft ZenTao version 11.6.4, avoid using the `lastComment` parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.