Sssdlo

**Name of the Vulnerable Software and Affected Versions** laravel-admin version 1.7.3 **Description** The issue arises from mishandling on the "Operation log" screen, allowing for XSS via the Slug or Name on the Roles screen. **Recommendations** For version 1.7.3, update to a version that fixes the mishandling of user input on the "Operation log" screen to prevent XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LavaLite versions prior to 5.8 **Description** The issue arises from a crafted account name that is mishandled on the Manage Clients screen, leading to a cross-site scripting (XSS) attack. **Recommendations** For versions prior to 5.8, update to version 5.8 or later to resolve the issue.