Tim De Gier

**Name of the Vulnerable Software and Affected Versions** Land Down Under versions prior to 700 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in files such as functions.php, header.php, or auth.inc.php. **Recommendations** For versions prior to 700, update to version 700 or later to resolve the issue. As a temporary workaround, consider restricting the use of BBcode img tags in the affected files until a patch is available.