Benmalek Aymen

**Name of the Vulnerable Software and Affected Versions** Mondula GmbH Multi Step Form versions 1.7.18 and earlier **Description** The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to. **Recommendations** For versions 1.7.18 and earlier, update to a version that is not affected by this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mondula GmbH Multi Step Form versions 1.7.13 and earlier **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. **Recommendations** For versions 1.7.13 and earlier, update to a version later than 1.7.13 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.