Zerocrates

**Name of the Vulnerable Software and Affected Versions** omeka/omeka-s versions prior to 4.0.4 **Description** The issue is related to Cross-site Scripting (XSS) - Stored, which affects the GitHub repository omeka/omeka-s. **Recommendations** For versions prior to 4.0.4, update to version 4.0.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** omeka/omeka-s versions prior to 4.0.3 **Description** The issue concerns improper input validation in the omeka/omeka-s GitHub repository. This can lead to injection attacks, where special elements are not properly neutralized in output used by downstream components. **Recommendations** For versions prior to 4.0.3, update to version 4.0.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Omeka versions prior to 2.6.1 **Description** The issue allows for XSS by adding or editing a tag, specifically in the admin/themes/default/items/tag-form.php file. **Recommendations** For Omeka versions prior to 2.6.1, update to version 2.6.1 or later to resolve the issue.