Thiago Régis

**Name of the Vulnerable Software and Affected Versions** Open Social versions 0.0.0 through 12.3.8 Open Social versions 12.4.0 through 12.4.5 Open Social versions 13.0.0 through 13.0.0-alpha11 **Description** The issue is related to improper neutralization of input during web page generation, allowing Cross-Site Scripting (XSS) attacks. This can enable a remote attacker to conduct inter-site script attacks. **Recommendations** For Open Social versions 0.0.0 through 12.3.8, update to a version after 12.3.8 to resolve the issue. For Open Social versions 12.4.0 through 12.4.5, update to a version after 12.4.5 to resolve the issue. For Open Social versions 13.0.0 through 13.0.0-alpha11, update to a version after 13.0.0-alpha11 to resolve the issue.