
Yazi7O

#20316 of 53,635
12.6 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1

PT-2022-19094
5.4
2022-05-03
Unknown · Springbootmovie · CVE-2022-28588

**Name of the Vulnerable Software and Affected Versions**

SpringBootMovie versions 1.2 and earlier

**Description**

The movie name parameter is not filtered when a movie is added, so malicious code can be stored, resulting in stored XSS.

**Recommendations**

For SpringBootMovie versions 1.2 and earlier, consider filtering the movie name parameter to prevent malicious code from being stored when movie names are added. As a temporary workaround, restrict the ability to add movie names until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2022-19356
7.2
2022-05-03
Unknown · Springbootmovie · CVE-2022-29001

**Name of the Vulnerable Software and Affected Versions**

SpringBootMovie versions 1.2 and earlier

**Description**

The uploaded file suffix parameter is not filtered, which results in an arbitrary file upload vulnerability.

**Recommendations**

For SpringBootMovie versions 1.2 and earlier, as a temporary workaround, consider filtering the uploaded file suffix parameter to prevent arbitrary file uploads until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.