Mikent

**Name of the Vulnerable Software and Affected Versions** Ellucian Ethos Identity versions up to 5.10.5 **Description** A problematic issue has been found in Ellucian Ethos Identity, where the manipulation of the `url` argument in an unknown function of the file /cas/logout leads to cross-site scripting. This can be launched remotely. **Recommendations** For Ellucian Ethos Identity versions up to 5.10.5, upgrade to version 5.10.6 to address this issue. As a temporary workaround, consider restricting access to the /cas/logout endpoint until the upgrade is applied.