Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in proj_new.php via the Descricao parameter.Referenceshttps://blog.hawktesters.com/zero-day-alert-scriptcase-vulnerabilities-xss/