Barriuso

Name of the Vulnerable Software and Affected Versions: Integria IMS (affected versions not specified) Description: The login check in Integria IMS uses a loose comparator to compare the MD5 hash of the user-provided password and the MD5 hash stored in the database. This allows an attacker with a specifically formatted password to exploit the issue and log in to the system with different passwords. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Integria IMS version 5.0.92 **Description** The issue is related to incorrect filtering of certain fields in the login.php file, which could allow an attacker to perform a cross-site scripting attack (XSS). **Recommendations** For Integria IMS version 5.0.92, update to a version that correctly filters fields related to the login.php file to prevent cross-site scripting attacks.