Virtualtam

**Name of the Vulnerable Software and Affected Versions** Shaarli versions prior to 0.8.5 Shaarli versions 0.9.x prior to 0.9.3 **Description** The issue allows remote attackers to inject arbitrary code via the login form's `username` field, which is passed to the `ban canLogin` function in `index.php`. This enables attackers to execute malicious scripts on the client-side. **Recommendations** For versions prior to 0.8.5, update to version 0.8.5 or later. For versions 0.9.x prior to 0.9.3, update to version 0.9.3 or later.