Andreas Lindh

**Nome do software vulnerável e versões afetadas** Okta Advanced Server Access Client para Windows, versões anteriores à 1.57.0 **Descrição** O problema está relacionado à injeção de comandos por meio de uma URL especialmente criada. **Recomendações** Para versões anteriores à 1.57.0, atualize para a versão 1.57.0 ou posterior para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** Apache Jetspeed versions prior to 2.3.1 **Description** The issue allows remote authenticated administrators to write to arbitrary files and consequently execute arbitrary code via a .. (dot dot) in a ZIP archive entry. This can be achieved by including a ../../webapps/x.jsp entry in the ZIP archive. **Recommendations** For versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Import/Export function in the Portal Site Manager to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apache Jetspeed versions prior to 2.3.1 **Description** The issue concerns SQL injection vulnerabilities in the User Manager service. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited via the `role` or `user` parameter to the "services/usermanager/users/" API endpoint. **Recommendations** For versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "services/usermanager/users/" API endpoint to minimize the risk of exploitation. Avoid using the `role` and `user` parameters in this endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Apache Jetspeed versions prior to 2.3.1 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the `title` parameter when adding a link, page, or folder resource. **Recommendations** For versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `title` parameter when adding resources to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apache Jetspeed versions prior to 2.3.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the PATH INFO to the portal. This can be achieved by manipulating the `PATH INFO` variable. **Recommendations** For versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `PATH INFO` variable to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apache OpenMeetings versions prior to 3.1.1 **Description** The issue concerns a directory traversal vulnerability in the Import/Export System Backups functionality. This allows remote authenticated administrators to write to arbitrary files by including a .. (dot dot) in a ZIP archive entry. **Recommendations** For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apache OpenMeetings versions prior to 3.1.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event. **Recommendations** For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apache OpenMeetings versions prior to 3.1.1 **Description** The issue is related to the improper use of the Java URL class in the `FileService.importFileByInternalUserId` and `FileService.importFile` SOAP API methods. This allows remote attackers to read arbitrary files by attempting to upload a file. No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `FileService.importFileByInternalUserId` and `FileService.importFile` SOAP API methods until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Apache Jetspeed versions prior to 2.3.1 **Description** The issue concerns the User Manager service in Apache Jetspeed, which fails to properly restrict access using Jetspeed Security. This allows remote attackers to perform unauthorized actions on users via the REST API, including adding, editing, or deleting users. **Recommendations** For versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apache OpenMeetings versions prior to 3.1.1 **Description** The issue allows remote attackers to reset arbitrary user passwords by leveraging knowledge of a user name and the current system time, due to the generation of predictable password reset tokens by the `sendHashByUser` function. **Recommendations** For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the password reset functionality until the update is applied.

**Name of the Vulnerable Software and Affected Versions** IBM Security QRadar SIEM versions 7.1.x before 7.1 MR2 Patch 12 **Description** The issue allows remote authenticated users to execute unspecified OS commands. **Recommendations** For IBM Security QRadar SIEM versions 7.1.x before 7.1 MR2 Patch 12, update to 7.1 MR2 Patch 12 or later to resolve the issue.