Kim Yunji

**Name of the Vulnerable Software and Affected Versions** Ays Pro Survey Maker versions through 5.1.8.8 **Description** A flaw exists in Ays Pro Survey Maker that allows for Stored Cross-site Scripting (XSS). This occurs due to improper neutralization of input during web page generation. Successful exploitation could allow an attacker to inject malicious scripts into web pages viewed by other users. **Recommendations** Update Ays Pro Survey Maker to a version later than 5.1.8.8.

**Name of the Vulnerable Software and Affected Versions** Nks Email Subscription Popup versions through 1.2.26 **Description** The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be stored on the server and executed by other users when they view the affected web page. The vulnerability exists in the email-subscribe component. **Recommendations** Update to a version later than 1.2.26.