Retnullyu

**Name of the Vulnerable Software and Affected Versions** gocron versions through 1.5.3 **Description** A cross-site scripting (XSS) issue allows attackers to execute arbitrary code via the `hostname` in the `scope.row` object, specifically in the web/vue/src/pages/taskLog/list.vue file. **Recommendations** For versions through 1.5.3, update to a version that contains a fix for this issue to prevent arbitrary code execution.

**Name of the Vulnerable Software and Affected Versions** Pybbs version 6.0 **Description** A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box. **Recommendations** For Pybbs version 6.0, consider restricting access to the Search box until a patch is available. As a temporary workaround, avoid using the Search box with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.