Matjosephs

Name of the Vulnerable Software and Affected Versions: Hyundai Navigation App version STD5W.EUR.HMC.230516.afa908d Description: An attacker can inject HTML payloads into the `profile name` field within the navigation application, leading to the rendering of the injected content. Recommendations: Sanitize user-supplied input for the `profile name` field to prevent the injection of HTML payloads.

**Name of the Vulnerable Software and Affected Versions** Vivaldi United Group iCONTROL+ Server versions 4.7.8.0.eden Logic 5.32 and earlier **Description** A cross-site scripting issue exists in Vivaldi United Group iCONTROL+ Server. This allows attackers to inject JavaScript payloads into the `error` or `edit-menu-item` parameters, which are then executed in the victim’s browser session. **Recommendations** Versions prior to 4.7.8.0.eden Logic 5.32 should be updated.