Michaelbrooks

**Name of the Vulnerable Software and Affected Versions** Pligg version 9.9.5 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `category` parameter in the "index.php" file. **Recommendations** For Pligg version 9.9.5, update the index.php file to properly sanitize the `category` parameter to prevent XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.