Niklaus Schiess

**Name of the Vulnerable Software and Affected Versions** CGI:IRC versions prior to 0.5.12 **Description** The issue concerns a lack of proper output encoding for user-supplied input from the R parameter in irc.cgi, which can lead to XSS. **Recommendations** For versions prior to 0.5.12, update to version 0.5.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Openstack Manila versions prior to 2.5.1 **Description** A cross-site scripting (XSS) issue exists in the Shares overview of Openstack Manila, allowing remote authenticated users to inject arbitrary web script or HTML via the `Metadata` field in the "Create Share" form. **Recommendations** For versions prior to 2.5.1, update to version 2.5.1 or later to resolve the issue.