Rain Cold

**Name of the Vulnerable Software and Affected Versions** writercms version 1.1.0 **Description** The issue is related to incorrect access control, allowing attackers to directly obtain backend account passwords via unspecified vectors. **Recommendations** For writercms version 1.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xolo CMS version 0.11 **Description** A reflected cross-site scripting (XSS) issue was discovered. This issue allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control. **Recommendations** For Xolo CMS version 0.11, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.