Fariskhi Vidyan

**Nome do software vulnerável e versões afetadas** Versões do react-draft-wysiwyg anteriores à 1.14.6 **Descrição** A vulnerabilidade permite que um URI `javascript:` seja incluído no destino de um link do decorador de links em `decorators/Link/index.js` quando um rascunho é compartilhado entre usuários, levando a um ataque XSS. **Recomendações** Para versões anteriores à 1.14.6, atualize para a versão 1.14.6 ou posterior para resolver o problema. Como solução alternativa temporária, considere restringir o uso do decorador de link em `decorators/Link/index.js` para minimizar o risco de exploração. Evite usar o URI `javascript:` no destino do link até que o problema seja resolvido.

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.1 to 3.1.15 Moodle versions 3.4 to 3.4.6 Moodle versions 3.5 to 3.5.3 Moodle versions 3.6 to 3.6.1 **Description** A flaw was found in the 'manage groups' capability, which did not have the 'XSS risk' flag assigned to it, despite having access in certain places. This capability is intended for use by trusted users and is assigned to teachers and managers by default. **Recommendations** For Moodle versions 3.1 to 3.1.15, update to a version later than 3.1.15 to resolve the issue. For Moodle versions 3.4 to 3.4.6, update to a version later than 3.4.6 to resolve the issue. For Moodle versions 3.5 to 3.5.3, update to a version later than 3.5.3 to resolve the issue. For Moodle versions 3.6 to 3.6.1, update to a version later than 3.6.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** moodle versions 3.1 to 3.1.15 moodle versions 3.4 to 3.4.6 moodle versions 3.5 to 3.5.3 moodle versions 3.6 to 3.6.1 **Description** A flaw was found in the software where the /userpix/ page did not properly escape users' full names. These names are displayed as text when hovering over profile images. It's worth noting that the /userpix/ page is not linked to by default and its access is restricted. **Recommendations** For moodle versions 3.1 to 3.1.15, update to a version later than 3.1.15 to resolve the issue. For moodle versions 3.4 to 3.4.6, update to a version later than 3.4.6 to resolve the issue. For moodle versions 3.5 to 3.5.3, update to a version later than 3.5.3 to resolve the issue. For moodle versions 3.6 to 3.6.1, update to a version later than 3.6.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Horde Image versions 2.0.0 through 2.5.1 **Description** A Remote Code Execution issue has been found in the Horde Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. This issue is not exploitable through any Horde application, as the vulnerable code path is not used by any Horde code. However, custom applications using the Horde Image library might be affected. The problem stems from missing input validation of the `index` field in ` raw()` during the construction of an ImageMagick command line. **Recommendations** For Horde Image versions 2.0.0 through 2.5.1, update to version 2.5.2 to resolve the issue. As a temporary workaround, consider disabling the use of the "Im" backend or restricting access to the ` raw()` function until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** Horde Image versions prior to 2.5.0 **Description** A Denial of Service issue was discovered in Horde Image via a crafted URL to the "Null" image driver. **Recommendations** For versions prior to 2.5.0, update to version 2.5.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Horde Image versions prior to 2.5.0 **Description** A Remote Code Execution issue was discovered, which can be exploited via a crafted GET request. This issue requires authentication to be exploited. **Recommendations** For versions prior to 2.5.0, update to version 2.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected module to minimize the risk of exploitation.