
Geek-Repo

#49898 of 53,622
4.9 Total CVSS
Vulnerabilities · 1
PT-2020-6385
4.9
2020-05-18
Phplist · Phplist · CVE-2020-22251
**Name of the Vulnerable Software and Affected Versions**

phplist version 3.5.3

**Description**

The issue is related to a lack of protection for the web page structure, allowing a remote attacker to perform cross-site scripting attacks. This can be achieved by creating a new username in the `login name` field within the Manage Administrators section. The estimated number of potentially affected devices is not provided.

**Recommendations**

For phplist version 3.5.3, consider disabling the ability to add new administrators or restricting access to the Manage Administrators section until a patch is available. Avoid using the `login name` field in the affected section to minimize the risk of exploitation.