Ehaoxiongdiycwo

**Name of the Vulnerable Software and Affected Versions** MorningStar WhatWeb version 0.4.9 **Description** The issue is related to a security problem where MorningStar WhatWeb is affected by XSS via JSON report files. **Recommendations** For version 0.4.9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kotti versions prior to 1.3.2 Kotti versions 2.x prior to 2.0.0b2 **Description** The issue concerns a CSRF problem in the local roles implementation. It can be triggered by a permission change via the "/admin-document/@@share" API endpoint. **Recommendations** For versions prior to 1.3.2, update to version 1.3.2 or later. For versions 2.x prior to 2.0.0b2, update to version 2.0.0b2 or later.