Zshan7Queo

**Name of the Vulnerable Software and Affected Versions** Rainbow external link network disk version 5.5 **Description** The issue allows a remote attacker to execute arbitrary code via the validation component of the `input parameters`. This is a Cross Site Scripting vulnerability. **Recommendations** For Rainbow external link network disk version 5.5, consider disabling the validation component of the input parameters until a patch is available. Restrict access to the validation component to minimize the risk of exploitation. Avoid using the vulnerable validation component in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.