Julmud

**Name of the Vulnerable Software and Affected Versions** julmud/phpDVDProfiler versions v 20230807 through v 20250510 **Description** The issue concerns cross-site scripting in the search function of the software. This allows for potential malicious script execution when a user interacts with the search functionality. The software is used to display DVD collections on the web, maintained with Invelos's DVDProfiler software. **Recommendations** For versions v 20230807 through v 20250510, update to version v 20250511 or later, as it contains a patch for the issue. As a temporary workaround, consider restricting access to the search function until the update can be applied.