Anthony Goyette

**Name of the Vulnerable Software and Affected Versions** Softing smartLink SW-HT versions prior to 1.30 **Description** The issue allows an attacker to execute a dynamic script, such as JavaScript or VBScript, in the context of the application. This is a Cross-site Scripting vulnerability. **Recommendations** For versions prior to 1.30, update to version 1.30 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Softing smartLink SW-HT versions prior to 1.30 **Description** The issue concerns the use of weak ciphers during secure communication via SSL in the affected software. This could potentially compromise the security of the communication. **Recommendations** For versions prior to 1.30, update to version 1.30 or later to resolve the issue. As a temporary workaround, consider disabling the use of weak ciphers in SSL communication until a patch is available. Restrict access to sensitive data transmitted over SSL to minimize the risk of exploitation.