Huzefa2212

**Name of the Vulnerable Software and Affected Versions** Neox Contact Center version 2.3.9 **Description** A Cross Site Scripting (XSS) issue exists, allowing exploitation via the `serach sms api name` parameter to the SMA API search. **Recommendations** For Neox Contact Center version 2.3.9, avoid using the `serach sms api name` parameter in the SMA API search until the issue is resolved. As a temporary workaround, consider restricting access to the SMA API to minimize the risk of exploitation.