Mayur Udiniya

**Name of the Vulnerable Software and Affected Versions** MyBB version 1.8.15 **Description** The issue concerns the mishandling of 'target=" blank" rel="noopener"' in A elements by MyBB 1.8.15 when accessed with Microsoft Edge. This makes it easier for remote attackers to conduct redirection attacks. **Recommendations** For MyBB version 1.8.15, consider updating to a newer version that addresses this issue, as no specific fix is provided for this version.

**Name of the Vulnerable Software and Affected Versions** phpMyAdmin versions prior to 4.7.8 ALT Linux (affected versions not specified) **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. **Recommendations** For phpMyAdmin versions prior to 4.7.8, update to version 4.7.8 or later to resolve the issue. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iBall 300M version iB-WRB302N 1.0.1-Sep 8 2017 **Description** The issue concerns an Unauthenticated Stored Cross Site Scripting vulnerability. It is exploited via the `lang` parameter in the "/goform/setLang" API endpoint. **Recommendations** For version iB-WRB302N 1.0.1-Sep 8 2017, avoid using the `lang` parameter in the "/goform/setLang" API endpoint until the issue is resolved.