Bastion Security

**Name of the Vulnerable Software and Affected Versions** Microchip TimePictra versions 11.0 through 11.3 SP2 **Description** A missing authentication check for a critical function exists in Microchip TimePictra, potentially allowing for configuration and environment manipulation. **Recommendations** Versions prior to 11.0 and after 11.3 SP2 are not affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microchip TimePictra versions 11.0 through 11.3 SP2 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, also known as Cross-site Scripting (XSS). This allows for a Query System for Information. The issue affects the software’s ability to properly handle user-supplied data when generating web pages, potentially leading to the execution of malicious scripts. **Recommendations** Versions 11.0 through 11.3 SP2 are affected and should be updated when a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.