Thinkst Applied Research · Canarytokens · CVE-2026-10729
**Name of the Vulnerable Software and Affected Versions**
Thinkst Applied Research Canarytokens versions sha-c42435e through sha-bfda4df (Docker tags)
Thinkst Applied Research Canarytokens versions c42435e through bfda4df (Git commits)
**Description**
An HTML injection issue exists in the notification emails for "Slow Redirect" and "Cloned Website" Canarytokens. In email clients that render HTML emails, this allows for Interface Manipulation and Cross-Site Scripting (XSS), a technique in which malicious scripts are injected into trusted websites or emails.
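A regression check for this class of bug, as an added example that is not Canarytokens' own code. The field names, row template and sample values are constructed for illustration; the advisory does not say which fields were affected.

```python
import html
from html.parser import HTMLParser

# Constructed alert data. Field names are hypothetical, not Canarytokens' schema;
# the values stand in for anything a visiting browser can influence.
HIT = {
    "memo": "Cloned-site token on login page",
    "referer": 'https://example.test/"><h1>injected</h1>',
    "location": "<script>alert(1)</script>",
}

# Hypothetical row template for the HTML body of a notification email.
ROW = "<tr><td>{label}</td><td>{value}</td></tr>"


def render_unsafe(hit):
    """'Before': untrusted values are interpolated into the HTML body as-is."""
    rows = "".join(ROW.format(label=k, value=v) for k, v in hit.items())
    return f"<table>{rows}</table>"


def render_safe(hit):
    """'After': every label and value is HTML-escaped before interpolation."""
    rows = "".join(
        ROW.format(
            label=html.escape(str(k), quote=True),
            value=html.escape(str(v), quote=True),
        )
        for k, v in hit.items()
    )
    return f"<table>{rows}</table>"


def injected_tags(body, allowed=("table", "tr", "td")):
    """Return tag names found in body that the template itself never emits."""
    found = []

    class Collector(HTMLParser):
        def handle_starttag(self, tag, attrs):
            if tag not in allowed:
                found.append(tag)

    Collector().feed(body)
    return found


if __name__ == "__main__":
    print("unsafe:", injected_tags(render_unsafe(HIT)))
    print("safe:  ", injected_tags(render_safe(HIT)))
```

Running a check like `injected_tags` over rendered notification bodies in a test suite catches any template field that reaches the email without escaping.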
**Recommendations**
Update Thinkst Applied Research Canarytokens to Docker tag sha-bfda4df or later.
Update Thinkst Applied Research Canarytokens to Git commit bfda4df or later.