Youki992

**Name of the Vulnerable Software and Affected Versions** eyoucms version 1.6.4 **Description** The issue allows for Cross Site Scripting (XSS), which can lead to stealing sensitive information of logged-in users. **Recommendations** For eyoucms version 1.6.4, update to a version that fixes the Cross Site Scripting (XSS) issue to prevent stealing of sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MiniCMS version 1.11 **Description** A Cross-Site Request Forgery (CSRF) issue allows attackers to arbitrarily delete local .dat files by tricking users into clicking on a malicious link. **Recommendations** For MiniCMS version 1.11, as a temporary workaround, consider implementing strict validation and verification of requests to prevent unauthorized actions until a patch is available.