PHPMyWind · CVE-2018-11487
**Name of the Vulnerable Software and Affected Versions**
PHPMyWind version 5.5
**Description**
An attacker can inject malicious code through the `cid` parameter of the "newsshow.php" endpoint, or through the query string of the "news.php" or "about.php" endpoints.
**Recommendations**
For PHPMyWind version 5.5, avoid using the `cid` parameter in the "newsshow.php" endpoint, and restrict access to the query strings in "news.php" and "about.php" until a fix is available.
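
To judge how much traffic the restriction above would affect, and to spot requests that deserve a closer look, the following added example (not part of the advisory or of PHPMyWind) scans web server access log lines for requests that use the affected inputs. It assumes common/combined log format and that legitimate parameters on these pages are short numeric ids with lowercase names; the log lines are constructed sample data.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: legitimate parameter values on these pages are short numeric ids.
NUMERIC = re.compile(r"\d{1,10}")
# Assumption: a normal query string is lowercase_name=digits pairs joined by '&'.
SAFE_QUERY = re.compile(r"[a-z_]{1,16}=\d{1,10}(?:&[a-z_]{1,16}=\d{1,10})*")
# Request field of a common/combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(target):
    """Return None if the request does not touch an affected input,
    'numeric' if it does but looks like a plain id, else 'suspect'."""
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    if script == "newsshow.php":
        # Only the cid parameter is named for this endpoint.
        pairs = parse_qsl(parts.query, keep_blank_values=True)
        cids = [v for k, v in pairs if k == "cid"]
        if not cids:
            return None
        return "numeric" if all(NUMERIC.fullmatch(v) for v in cids) else "suspect"
    if script in ("news.php", "about.php") and parts.query:
        # The whole raw query string is the affected input here.
        return "numeric" if SAFE_QUERY.fullmatch(parts.query) else "suspect"
    return None

def scan(lines):
    """Return (line_number, verdict, target) for every affected request."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQUEST.search(line)
        verdict = classify(m.group(1)) if m else None
        if verdict:
            hits.append((n, verdict, m.group(1)))
    return hits

# Constructed sample log lines (documentation IP ranges, made-up parameters).
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jun/2018:10:00:01 +0000] "GET /newsshow.php?cid=4&id=17 HTTP/1.1" 200 5120
203.0.113.9 - - [01/Jun/2018:10:00:07 +0000] "GET /newsshow.php?cid=4%22x&id=17 HTTP/1.1" 200 5133
203.0.113.9 - - [01/Jun/2018:10:00:09 +0000] "GET /about.php?%22x HTTP/1.1" 200 4210
198.51.100.2 - - [01/Jun/2018:10:01:00 +0000] "GET /news.php?page=2 HTTP/1.1" 200 6001
198.51.100.2 - - [01/Jun/2018:10:01:05 +0000] "GET /index.php HTTP/1.1" 200 900
""".splitlines()

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Requests marked `numeric` show which legitimate traffic depends on the affected inputs; requests marked `suspect` carry values outside the assumed shape and are the ones to review or block.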