Artem Brylev

**Name of the Vulnerable Software and Affected Versions** Sherpa Orchestrator version 141851 **Description** The web application lacks protection against CSRF attacks, allowing an attacker to conduct XSS attacks, add a new user or role, or exploit a SQL injection issue. **Recommendations** For Sherpa Orchestrator version 141851, consider implementing protection against CSRF attacks to prevent exploitation. As a temporary workaround, restrict access to sensitive features that could be exploited through CSRF attacks, such as user or role management. Avoid using the web application for sensitive operations until the CSRF protection issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sherpa Orchestrator version 141851 **Description** A low-privileged user can elevate their privileges by creating new users and roles. **Recommendations** For Sherpa Orchestrator version 141851, consider restricting the ability of low-privileged users to create new users and roles until a patch is available. As a temporary workaround, limit the access of low-privileged users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sherpa Orchestrator version 141851 **Description** The issue allows for stored XSS attacks by an administrator through the `name` parameter when adding or updating licenses. The XSS payload can execute when the license expires. **Recommendations** For Sherpa Orchestrator version 141851, avoid using the `name` parameter in the license addition or update functionality until a fix is available. As a temporary workaround, consider restricting access to the license management feature to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Sherpa Orchestrator version 141851 **Description** The issue allows an authenticated user to perform multiple time-based blind SQL injections. This affects several API endpoints, including "api/gui/asset/list", "api/gui/files/export/csv/", "api/gui/files/list", "api/gui/process/export/csv", "api/gui/process/export/xlsx", "api/gui/process/listAll", "api/gui/processVersion/export/csv/", "api/gui/processVersion/export/xlsx/", "api/gui/processVersion/list/", "api/gui/robot/list/", "api/gui/task/export/csv/", "api/gui/task/export/xlsx/", and "api/gui/task/list/". **Recommendations** As a temporary workaround, consider restricting access to the affected API endpoints until a patch is available. Avoid using sensitive data in the affected endpoints to minimize the risk of exploitation. Update to a version that includes a fix for this issue when available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TranzWare (POI) FIMI versions prior to 4.2.20.4.2 Description: The issue allows for reflected Cross-Site Scripting (XSS) in the login tw.php file. This can potentially lead to malicious script execution on the client-side. Recommendations: For versions prior to 4.2.20.4.2, update to version 4.2.20.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the login tw.php file until a patch is applied.