Rio Sherri

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge and Internet Explorer (affected versions not specified) **Description** The issue exists due to insufficient input validation in Microsoft browsers. An attacker could exploit this to impact the confidentiality of protected information by using a specially crafted web page. The vulnerability allows an attacker to pass custom command line parameters under specific conditions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ISPConfig versions prior to 3.1.13 **Description** The issue is related to an unanchored regular expression in the software, which allows authenticated users with local filesystem access to include arbitrary files. This can lead to code execution. **Recommendations** For versions prior to 3.1.13, update to version 3.1.13 or later to resolve the issue.