Vipinxsec

**Name of the Vulnerable Software and Affected Versions** Alfresco Enterprise versions prior to 5.2.5 **Description** The issue allows for stored XSS via an uploaded HTML document. This means an attacker can upload a malicious HTML file to the system, which can then execute scripts on the user's browser, potentially leading to unauthorized actions or data theft. **Recommendations** For versions prior to 5.2.5, update to version 5.2.5 or later to resolve the issue. As a temporary workaround, consider restricting the upload of HTML documents to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WampServer version 3.1.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `virtual del` parameter. This can lead to the execution of malicious scripts on the client-side. **Recommendations** For WampServer version 3.1.1, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.