Nico Trionfetti

**Name of the Vulnerable Software and Affected Versions** Vade Secure Gateway (affected versions not specified) **Description** A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the `/css/` directory. This enables the attacker to inject malicious scripts into the application, potentially leading to unauthorized actions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vade Secure Gateway (affected versions not specified) **Description** A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the `username`, `password`, and `language` cookies parameter. This enables the attacker to perform unauthorized actions on the affected system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.