Jubilianite

**Name of the Vulnerable Software and Affected Versions** Best House Rental Management System version 1.0 **Description** The issue allows a remote attacker to execute arbitrary code via the `House No` and `Description` parameters in the houses page at the "index.php" component. This enables the attacker to perform Cross Site Scripting attacks. **Recommendations** For Best House Rental Management System version 1.0, consider restricting access to the houses page at the "index.php" component to minimize the risk of exploitation. As a temporary workaround, avoid using the `House No` and `Description` parameters in the affected page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** flusity CMS versions through 2.45 **Description** The issue allows for XSS in the Gallery Name through the tools/addons model.php file. The product has ceased its development as of February 2024. **Recommendations** For versions through 2.45, as a temporary workaround, consider restricting access to the tools/addons model.php file until a resolution is determined, however, since the product has ceased development, there is no information about a newer version that contains a fix for this issue.