Bálint Magyar

**Name of the Vulnerable Software and Affected Versions** Google Web Designer versions prior to 16.3.0.0407 **Description** The issue allows an attacker to achieve remote code execution by tricking users into downloading a malicious ad template. This is due to path traversal in Google Web Designer's template handling on Windows. **Recommendations** For versions prior to 16.3.0.0407, update to version 16.3.0.0407 or later to resolve the issue. As a temporary workaround, consider avoiding the download of ad templates from untrusted sources until the update is applied. Restrict access to template handling features in Google Web Designer to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Google Web Designer (affected versions not specified) **Description** The software is susceptible to remote code execution (RCE) on macOS and Linux systems due to improper symbolic link resolution within the preview feature. This allows for potential client-side RCE via symlink following. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.