Yuriy Bairov

**Name of the Vulnerable Software and Affected Versions** EyesOfNetwork Web Interface version 5.3 **Description** A reflected cross-site scripting (XSS) issue was found in the EyesOfNetwork Web Interface. The issue is related to the "/module/report event/index.php" API endpoint. **Recommendations** For EyesOfNetwork Web Interface version 5.3, consider disabling access to the "/module/report event/index.php" endpoint until a fix is available to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** EyesOfNetwork Web Interface version 5.3 **Description** A reflected cross-site scripting (XSS) issue was found in the EyesOfNetwork Web Interface, specifically via the "module/admin bp/add application.php" API endpoint. This issue can be exploited to execute malicious scripts. **Recommendations** For version 5.3, consider disabling access to the "/module/admin bp/add application.php" endpoint until a fix is available. Restrict input to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EyesOfNetwork Web Interface version 5.3 **Description** A reflected cross-site scripting (XSS) issue was found in the EyesOfNetwork Web Interface. The issue is related to the /lilac/main.php API endpoint. **Recommendations** For EyesOfNetwork Web Interface version 5.3, consider disabling access to the /lilac/main.php endpoint until a patch is available.