Dayn1Ne

**Name of the Vulnerable Software and Affected Versions** EspoCRM version 5.6.4 **Description** The issue is related to stored XSS due to the lack of filtration of user-supplied data in the "api/v1/Document" functionality for storing documents in the account tab. An attacker can upload a crafted file that contains JavaScript code in its name, which will be executed when a user opens a page of any profile with this document. **Recommendations** For EspoCRM version 5.6.4, consider disabling the "api/v1/Document" functionality until a patch is available to prevent the upload of crafted files that can lead to stored XSS attacks. Additionally, restrict access to the document storage feature in the account tab to minimize the risk of exploitation. Avoid using the `api/v1/Document` endpoint for storing documents until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Firefly III versions prior to 4.7.17.1 **Description** The issue is related to stored XSS due to the lack of filtration of user-supplied data in a budget name. The JavaScript code is contained in a transaction and is executed on the "tags/show/$tag number$" tag summary page. An attacker must have the same access rights as the user to execute the vulnerability. **Recommendations** For versions prior to 4.7.17.1, update to version 4.7.17.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the tag summary page or limiting the ability to create transactions with user-supplied data in budget names until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefly III versions prior to 4.7.17.3 **Description** The issue arises from a lack of filtration of user-supplied data in image file names, leading to stored XSS. The JavaScript code is executed during attachments/edit/$file id$ attachment editing. It is noted that an attacker must have the same access rights as the user to execute the vulnerability. **Recommendations** For versions prior to 4.7.17.3, update to version 4.7.17.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the attachments/edit/$file id$ endpoint to minimize the risk of exploitation. Avoid using user-supplied data in image file names until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Firefly III versions prior to 4.7.17.3 **Description** The issue is related to stored XSS due to the lack of filtration of user-supplied data in image file content. The JavaScript code is executed during attachments/view/$file id$ attachment viewing. It is noted that an attacker must have the same access rights as the user to execute the vulnerability. **Recommendations** For versions prior to 4.7.17.3, update to version 4.7.17.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the attachments/view/$file id$ endpoint to minimize the risk of exploitation. Avoid using user-supplied data in image file content until the issue is resolved.