Jbtronics

**Name of the Vulnerable Software and Affected Versions** Part-DB versions prior to 1.0.2 **Description** Part-DB is an open source inventory management system for electronic components. A issue was found where user input was not properly escaped, allowing malicious users to inject arbitrary HTML into pages. The Content-Security-Policy prevents inline and external scripts, so JavaScript code cannot be executed unless combined with other issues. **Recommendations** For versions prior to 1.0.2, upgrade to Part-DB 1.0.2 or later.