Republic

**Name of the Vulnerable Software and Affected Versions** DECE Software Geodi versions prior to 9.0.146 **Description** The software contains an Improper Neutralization of Input During Web Page Generation, which allows for Cross-Site Scripting (XSS). This issue can potentially allow attackers to inject malicious scripts into web pages viewed by other users. **Recommendations** Update DECE Software Geodi to version 9.0.146 or later.

**Name of the Vulnerable Software and Affected Versions** DECE Software Geodi versions prior to 9.0.146 **Description** The software contains an Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability, which allows for HTTP Request Splitting. **Recommendations** Update to GEODI Setup 9.0.146 or later.