Paul Davis

**Name of the Vulnerable Software and Affected Versions** Phorum versions prior to 5.2.18 **Description** A Cross-Site Scripting (XSS) issue exists in the admin login screen. This allows for potential malicious script execution. **Recommendations** For versions prior to 5.2.18, update to version 5.2.18 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin login screen until the update is applied.

**Name of the Vulnerable Software and Affected Versions** CourseForum ProjectForum version 7.0.1.3038 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page. **Recommendations** For version 7.0.1.3038, consider restricting access to wiki pages until a fix is available, and avoid using crafted object names to minimize the risk of exploitation.