Kfly8

#25300 of 53,625
9.8 Total CVSS
Vulnerabilities · 1
PT-2024-11205
9.8
2024-03-17
Kossy · Kossy · CVE-2021-47157
**Name of the Vulnerable Software and Affected Versions**
Kossy module versions prior to 0.60

**Description**
The Kossy module for Perl mishandles the `X-Requested-With` header, which allows JSON hijacking.

**Recommendations**
For versions prior to 0.60, update to version 0.60 or later to resolve the issue. As a temporary workaround, consider restricting access to the Kossy module to minimize the risk of exploitation.