Capsadmin

**Name of the Vulnerable Software and Affected Versions** CapsAdmin PAC3 (affected versions not specified) **Description** A problematic issue was found in CapsAdmin PAC3, affecting some unknown functionality of the file lua/pac3/core/shared/http.lua. The manipulation of the `url` argument leads to cross-site scripting. The attack may be launched remotely. **Recommendations** To fix this issue, it is recommended to apply a patch, specifically the one identified as 8fc9e12dfa21d757be6eb4194c763e848b299ac0. As a temporary workaround, consider restricting access to the `http.lua` file or disabling the functionality that manipulates the `url` argument until a patch is applied.