Xavi

**Nome do software vulnerável e versões afetadas** UseBB versão 1.0.12 **Descrição** A vulnerabilidade permite que o processo de login seja contornado devido a um erro de manipulação de tipos no arquivo `panel login.php`. Isso ocorre porque o operador `!=` é usado em vez de `!==` para hashes de senha, levando a um tratamento incorreto de hashes que começam com `0e` seguido exclusivamente por caracteres numéricos. **Recomendações** Para a versão 1.0.12 do UseBB, considere modificar o arquivo `panel login.php` para usar o operador `!==` em vez de `!=` nas comparações de hashes de senha, a fim de prevenir ataques de tipo juggling. Como solução temporária, restrinja o acesso à funcionalidade de login até que o problema seja resolvido.

**Name of the Vulnerable Software and Affected Versions** Siemens AG Polarion versions prior to 19.2 **Description** The issue is related to improper neutralization of input during web page generation, which could allow an attacker to exploit a reflected Cross-site Scripting (XSS) vulnerability. **Recommendations** For versions prior to 19.2, update to version 19.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Siemens AG Polarion versions prior to 19.2 **Description** The issue is related to improper neutralization of input during web page generation, which could allow an attacker to exploit a reflected Cross-site Scripting (XSS) vulnerability. **Recommendations** For versions prior to 19.2, update to version 19.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Siemens AG Polarion versions prior to 19.2 **Description** The issue is related to improper neutralization of input during web page generation, which could allow an attacker to exploit a persistent Cross-site Scripting (XSS) vulnerability. **Recommendations** For versions prior to 19.2, update to version 19.2 or later to resolve the issue.