Ocomon · Ocomon · CVE-2024-7709
**Name of the Vulnerable Software and Affected Versions**
OcoMon versions 4.0RC1 through 5.0RC1
**Description**
An issue has been found in the URL Handler component, affecting the file /includes/common/require access recovery.php. It leads to cross-site scripting (XSS), and the attack can be initiated remotely. The exploit has been publicly disclosed and may be used.
**Recommendations**
For OcoMon versions 4.0RC1 through 4.0, upgrade to version 4.0.1 to address this issue.
For OcoMon version 5.0RC1, upgrade to version 5.0 to address this issue.
As a temporary workaround, consider restricting access to the /includes/common/require access recovery.php file until a patch is available.