[webapps] – iScripts MultiCart <= 2.4 – Persistent XSS / CSRF / XSS+CSRF Mass Accounts takeover

[local] Daikin Security Gateway 14 – Remote Password Reset

[webapps] ERPNext 14.82.1 – Account Takeover via Cross-Site Request Forgery (CSRF)