Bnyt7

**Name of the Vulnerable Software and Affected Versions** Algernon version 1.17.4 **Description** A Cross Site Scripting issue exists in Algernon version 1.17.4. This allows attackers to execute arbitrary code by injecting a crafted payload into a filename. The issue involves the injection of malicious code through a filename, potentially leading to unauthorized actions or data compromise. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.