Roy Blume

**Name of the Vulnerable Software and Affected Versions** VisiCut version 2.1 **Description** The issue allows code execution via insecure XML deserialization in the `loadPlfFile` method of `VisicutModel.java`. **Recommendations** For VisiCut version 2.1, consider restricting the use of the `loadPlfFile` method in `VisicutModel.java` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Typecho version 1.2.1 **Description** A clickjacking issue has been identified, which could potentially be exploited. The estimated number of affected devices and details about real-world incidents are not provided. **Recommendations** For Typecho version 1.2.1, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.