Pr3D4Dor

#21358 of 53,630
11.5 Total CVSS
Vulnerabilities · 2
Medium · 2
PT-2024-26533
6.1
2024-06-26
Mapos · Mapos · CVE-2024-35545
**Name of the Vulnerable Software and Affected Versions** MAP-OS versions 4.45.0 and earlier

**Description** The issue is related to a cross-site scripting (XSS) vulnerability. Cross-site scripting is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, allowing them to steal user data or take control of the user's session.

**Recommendations** For MAP-OS versions 4.45.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2024-27168
5.4
2024-06-25
Mapos · Mapos · CVE-2024-36819
**Name of the Vulnerable Software and Affected Versions** MAP-OS versions 4.45.0 and earlier

**Description** The issue allows malicious users to insert a malicious payload into the `Client Name` input, resulting in unauthorized script execution on the administrator and employee dashboards when a service order from this client is created.

**Recommendations** For MAP-OS versions 4.45.0 and earlier, consider restricting the input for the `Client Name` field to prevent malicious payload insertion until a fix is available. As a temporary workaround, limit access to the administrator and employee dashboards to minimize the risk of exploitation.