Satoki

**Nome do Software Vulnerável e Versões Afetadas** Google Chrome versões anteriores a 148.0.7778.96 **Descrição** A validação insuficiente de entrada não confiável em Cookies permite que um invasor remoto realize a escalada de privilégios por meio de uma página HTML manipulada. **Recomendações** Atualize para a versão 148.0.7778.96 ou posterior.

**Name of the Vulnerable Software and Affected Versions** ClipBucket versions 5.5.2 through 5.5.2-#156 **Description** An authenticated regular user can create a photo collection with a collection name containing HTML/JavaScript payloads. This makes the Manage Photos feature susceptible to Stored Cross-Site Scripting (XSS). The payload is rendered unsafely within the Admin → Manage Photos interface, leading to execution in the administrator’s browser. This allows an attacker to target administrators and potentially perform actions with elevated privileges. **Recommendations** Update to version 5.5.2-#157 or later.