Jayson Grace

**Name of the Vulnerable Software and Affected Versions** MITRE CALDERA versions prior to 4.1.0 **Description** The issue allows for XSS in the Operations tab and/or Debrief plugin via a crafted operation name. **Recommendations** For versions prior to 4.1.0, update to version 4.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MITRE CALDERA versions prior to 4.1.0 **Description** The issue allows for XSS in the Operations tab and/or Debrief plugin via a crafted operation name. **Recommendations** For versions prior to 4.1.0, update to version 4.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Azure App Services (affected versions not specified) **Description** A Cross-site Scripting (XSS) issue exists due to improper sanitization of user-provided input. This allows a remote attacker to inject arbitrary code into a user's web page. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.