Vantastic

**Name of the Vulnerable Software and Affected Versions** LearnPress versions prior to 4.3.6 **Description** Improper neutralization of input during web page generation allows for Reflected Cross-Site Scripting (XSS), a flaw where an application includes untrusted data in a web page without proper validation, enabling attackers to execute malicious scripts in the victim's browser. **Recommendations** Update to a version newer than 4.3.6.