Fr1Ezy

**Name of the Vulnerable Software and Affected Versions** MvnRepository MS Basic versions 2.1.18.3 and earlier Maven net.mingsoft MS Basic versions 2.1.13.4 and earlier **Description** The issue is related to a cross-site scripting (XSS) vulnerability in the search function. This type of vulnerability allows attackers to inject malicious scripts into websites, potentially leading to unauthorized access or control of user sessions. **Recommendations** For MvnRepository MS Basic versions 2.1.18.3 and earlier, consider disabling the search function until a patch is available. For Maven net.mingsoft MS Basic versions 2.1.13.4 and earlier, restrict access to the search functionality to minimize the risk of exploitation. As a temporary workaround, avoid using the search function in affected versions of both products until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** RuoYi version 4.5.1 **Description** An issue was discovered that allows attackers to obtain sensitive information via the `status` parameter. **Recommendations** For RuoYi version 4.5.1, consider restricting access to the `status` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.