Jieun Kim

**Name of the Vulnerable Software and Affected Versions** TZ PlusGallery versions through 1.5.5 **Description** The software contains a flaw related to improper input handling during web page generation, specifically a Cross-site Scripting (XSS) issue. This allows for Stored XSS attacks. The issue affects the application when processing user-supplied data, potentially leading to the execution of malicious scripts within the context of a user's browser. The vulnerable component is susceptible to attacks where an attacker can inject malicious code into web pages viewed by other users. **Recommendations** Update TZ PlusGallery to a version later than 1.5.5.

**Name of the Vulnerable Software and Affected Versions** Jonathan Brinley DOAJ Export versions through 1.0.4 **Description** The software contains a flaw related to improper handling of user-supplied data when creating web pages, which can lead to Stored Cross-Site Scripting (XSS). This allows an attacker to inject malicious scripts into web pages viewed by other users. The affected component is the DOAJ Export functionality. **Recommendations** Update to a version beyond 1.0.4.

**Name of the Vulnerable Software and Affected Versions** Tripadvisor Shortcode versions through 2.2 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** Update Tripadvisor Shortcode to a version later than 2.2.

**Name of the Vulnerable Software and Affected Versions** khashabawy tli.tl auto Twitter poster versions through 3.4 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** Update to a version later than 3.4.

**Name of the Vulnerable Software and Affected Versions** Isra Kanpress versions through 1.1 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Stored Cross-Site Scripting (XSS) condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SoundSt SEO Search versions through 1.2.3 Description: The software contains a reflected cross-site scripting (XSS) issue due to improper neutralization of input during web page generation. Recommendations: Versions prior to 1.2.3 should be updated.