Jaredloo

**Name of the Vulnerable Software and Affected Versions** ixmaps website2017 versions prior to 0c71cffa0162186bc057a76766bc97e9f5a3a2d0 **Description** A security flaw exists that allows for cross site scripting. The issue is related to the manipulation of the `trid` argument within an HTTP GET request handled by a file, `/map.php`, and an unknown function. The attack can be initiated remotely. The exploit has been released publicly. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CodeCanyon/ui-lib Mentor LMS versions up to 1.1.1 **Description** A flaw exists in the component API of CodeCanyon/ui-lib Mentor LMS. This issue can lead to a permissive cross-domain policy with untrusted domains, allowing for remote attacks. The exploit has been published. The vendor was contacted but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LionCoders SalePro POS versions prior to 5.5.1 **Description** A security issue exists in LionCoders SalePro POS that involves the cleartext transmission of sensitive information during some unknown processing related to the Login component. This issue can be exploited remotely and is considered to have high complexity with difficult exploitability. The exploit is publicly available. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** Update LionCoders SalePro POS to version 5.5.1 or later.