Wys3300

**Name of the Vulnerable Software and Affected Versions** itsourcecode E-Logbook version 1.0 **Description** A cross-site scripting issue exists due to the manipulation of the `profile id` argument in the POST Request Handler component. The vulnerability affects the processing of the file `/stc-log-keeper/check profile.php`. The attack can be launched remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.