Felipe Alcantara

Name of the Vulnerable Software and Affected Versions: Cloudways Breeze versions 2.1.14 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks. Recommendations: For Cloudways Breeze versions 2.1.14 and earlier, update to a version later than 2.1.14 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SoftExpert (SE) Excellence Suite versions prior to 2.1.3 **Description** The issue concerns Local File Inclusion in the function /se/v42300/generic/gn defaultframe/2.0/defaultframe filter.php. **Recommendations** For versions prior to 2.1.3, update to version 2.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the /se/v42300/generic/gn defaultframe/2.0/defaultframe filter.php endpoint until a patch is applied.