Waleed Ibrahim Alhajri

**Name of the Vulnerable Software and Affected Versions** Solvait version 24.4.2 **Description** An information disclosure issue in the "/Letter/PrintQr/" endpoint allows attackers to access sensitive data via a crafted request. **Recommendations** For Solvait version 24.4.2, as a temporary workaround, consider restricting access to the "/Letter/PrintQr/" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DataTables plug-in version 1.9.2 for jQuery **Description** A Cross Site Scripting (XSS) issue allows attackers to run arbitrary code via the `sBaseName` parameter to the ` fnCreateCookie` function. This affects a version from 2012. **Recommendations** For version 1.9.2, consider disabling the ` fnCreateCookie` function or restricting the use of the `sBaseName` parameter to minimize the risk of exploitation.