
Ph03N1Xsp

#22181 of 53,633
10.2 Total CVSS
Vulnerabilities · 2
Medium · 2
PT-2023-31508
5.4
2023-09-17
Koha · Koha · CVE-2023-5025
**Name of the Vulnerable Software and Affected Versions**
Koha versions up to 23.05.03

**Description**
A problem has been identified that affects the MARC component, specifically the `/cgi-bin/koha/catalogue/search.pl` file. This issue can lead to cross-site scripting and can be initiated remotely.

**Recommendations**
For versions up to 23.05.03, consider restricting access to the `/cgi-bin/koha/catalogue/search.pl` file until a patch is available. As a temporary workaround, consider disabling the affected component of the MARC file to minimize the risk of exploitation.
PT-2023-31503
4.8
2023-09-16
Planno · Planno · CVE-2023-5024
**Name of the Vulnerable Software and Affected Versions**
Planno version 23.04.04

**Description**
An issue affects an unknown part of the `Comment Handler` component, leading to cross-site scripting. The manipulation can be initiated remotely.

**Recommendations**
For Planno version 23.04.04, there is currently no information about a newer version that contains a fix for this vulnerability.