Fabian Densborn

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 **Description** The issue arises when the From field of an email uses invalid group name syntax. This results in Thunderbird displaying an incorrect sender address. **Recommendations** For versions prior to 128.7, update to version 128.7 or later. For versions prior to 135, update to version 135 or later. At the moment, there is no information about additional mitigation measures for this issue.

**Name of the Vulnerable Software and Affected Versions** Boomerang Parental Control application versions prior to 13.83 for Android **Description** An issue was discovered in the Boomerang Parental Control application where the app is missing the android:allowBackup="false" attribute in the manifest. This allows a user to backup the internal memory of the app to a PC, giving them access to the API token used to authenticate requests to the API. This vulnerability can be exploited by an attacker with physical access to the device, potentially allowing them to take over the admin control panel and spy on a kid. The estimated number of potentially affected devices is over 100,000. **Recommendations** For versions prior to 13.83, update to version 13.83 or later to resolve the issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation. Additionally, users should be cautious when granting physical access to their devices to prevent potential attacks.

**Name of the Vulnerable Software and Affected Versions** Boomerang Parental Control versions through 13.83 for Android **Description** An issue was discovered in the Boomerang Parental Control application, allowing a child to use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing. **Recommendations** For versions through 13.83, consider disabling the Safe Mode feature temporarily until a patch is available to prevent the child from removing restrictions or uninstalling the application. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kiddoware Kids Place Parental Control version prior to 3.8.50 **Description** An issue in the Kiddoware Kids Place Parental Control application allows a child to temporarily remove all restrictions without the parents noticing. This can be achieved by rebooting into Android Safe Mode and disabling the "Display over other apps" permission. **Recommendations** For versions prior to 3.8.50, update to version 3.8.50 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Serenity Serene versions prior to 6.7.0 StartSharp versions prior to 6.7.0 **Description** An issue was discovered where password reset links sent by email contain a token that remains valid even after the password reset, allowing it to be used again to change the password of the corresponding user. This token expires 3 hours after issuance and is sent as a query parameter when resetting. An attacker with access to the browser history can use the token again to change the password and take over the account. **Recommendations** For versions prior to 6.7.0, update to version 6.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to password reset links and tokens to minimize the risk of exploitation. Avoid using the password reset feature until the issue is resolved, and ensure that browser history is cleared regularly to prevent token reuse.

**Name of the Vulnerable Software and Affected Versions** Serenity Serene versions prior to 6.7.0 StartSharp versions prior to 6.7.0 **Description** A security issue was discovered where users can upload temporary files with certain file endings, such as .html or .htm, that contain a malicious payload. This payload can be used to send a link to an administrator user, potentially leading to exploitation. **Recommendations** For Serenity Serene versions prior to 6.7.0, update to version 6.7.0 or later to resolve the issue. For StartSharp versions prior to 6.7.0, update to version 6.7.0 or later to resolve the issue. As a temporary workaround, consider restricting the upload of .html and .htm files to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** Serenity Serene versions prior to 6.7.0 StartSharp versions prior to 6.7.0 **Description** An issue was discovered where the server response to a password reset request leaks the existence of users. If a password reset is attempted for a non-existent user, the error message indicates that the user does not exist. **Recommendations** For Serenity Serene versions prior to 6.7.0, update to version 6.7.0 or later to resolve the issue. For StartSharp versions prior to 6.7.0, update to version 6.7.0 or later to resolve the issue.