Jacky

**Name of the Vulnerable Software and Affected Versions** TeaCMS (affected versions not specified) **Description** A Cross Site Scripting issue in TeaCMS storage allows an attacker to cause a leak of sensitive information via the `article title` parameter. This enables the attacker to potentially access or expose sensitive data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** XiaoBingby TeaCMS version 2.3.3 **Description** An unauthorized access issue allows attackers to escalate privileges via the `id` and `keywords` parameters. **Recommendations** For XiaoBingby TeaCMS version 2.3.3, consider restricting access to the `id` and `keywords` parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** My-Blog (affected versions not specified) **Description** A Cross Site Scripting issue in My-Blog allows attackers to cause a denial of service via the `Post` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** zbl1996 FS-Blog (affected versions not specified) **Description** A vulnerability was found in the component Title Handler of zbl1996 FS-Blog, which leads to cross site scripting. The manipulation can be initiated remotely, affecting some unknown processing. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pallidlight online-course-selection-system (affected versions not specified) **Description** A vulnerability was found in the pallidlight online-course-selection-system, classified as problematic. The issue affects an unknown function and leads to cross-site scripting. It is possible to launch the attack remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xiandafu beetl-bbs (affected versions not specified) **Description** A vulnerability was found in xiandafu beetl-bbs, affecting an unknown functionality of the file WebUtils.java. The manipulation of the `user` argument leads to cross-site scripting. The attack can be launched remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.