Chbi

**Name of the Vulnerable Software and Affected Versions** OX App Suite versions 7.10.3 and earlier **Description** The issue allows for cross-site scripting (XSS), which is a type of attack where an attacker injects malicious code into a website, allowing them to steal user data or take control of the user's session. **Recommendations** For OX App Suite versions 7.10.3 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mahara versions 15.04 through 15.04.14 Mahara versions 16.04 through 16.04.8 Mahara versions 16.10 through 16.10.5 Mahara versions 17.04 through 17.04.3 **Description** The issue allows a user to submit potentially dangerous payloads, such as XSS code, to be saved as their first name, last name, or display name in the profile fields. This can cause issues including escalation of privileges or unknown execution of malicious code when replying to messages in Mahara. **Recommendations** For Mahara versions 15.04 through 15.04.14, update to version 15.04.15 or later. For Mahara versions 16.04 through 16.04.8, update to version 16.04.9 or later. For Mahara versions 16.10 through 16.10.5, update to version 16.10.6 or later. For Mahara versions 17.04 through 17.04.3, update to version 17.04.4 or later.

**Name of the Vulnerable Software and Affected Versions** Mahara versions 15.04 through 15.04.14 Mahara versions 16.04 through 16.04.8 Mahara versions 16.10 through 16.10.5 Mahara versions 17.04 through 17.04.3 **Description** The issue allows a user to submit a potentially dangerous payload, such as XSS code, to be saved as titles in internal artefacts. **Recommendations** For Mahara versions 15.04 through 15.04.14, update to version 15.04.15 or later. For Mahara versions 16.04 through 16.04.8, update to version 16.04.9 or later. For Mahara versions 16.10 through 16.10.5, update to version 16.10.6 or later. For Mahara versions 17.04 through 17.04.3, update to version 17.04.4 or later.

**Name of the Vulnerable Software and Affected Versions** ILIAS versions prior to 5.1.21 ILIAS versions 5.2.x prior to 5.2.9 **Description** A stored XSS issue in the Media Objects component allows an authenticated user to inject JavaScript, potentially gaining administrator privileges. This is related to the `setParameter` function in `Services/MediaObjects/classes/class.ilMediaItem.php`. **Recommendations** For ILIAS versions prior to 5.1.21, update to version 5.1.21 or later. For ILIAS versions 5.2.x prior to 5.2.9, update to version 5.2.9 or later. As a temporary workaround, consider restricting access to the Media Objects component until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Flyspray versions prior to 1.0-rc6 **Description** The issue allows an authenticated user to inject JavaScript and gain administrator privileges. This is achieved by exploiting the real name or email address field in the themes/CleanFS/templates/common.editallusers.tpl template. **Recommendations** For versions prior to 1.0-rc6, update to version 1.0-rc6 or later to resolve the issue. As a temporary workaround, consider restricting access to the themes/CleanFS/templates/common.editallusers.tpl template to minimize the risk of exploitation. Avoid using the `real name` or `email address` fields in the affected template until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Flyspray versions 1.0-rc4 through 1.0-rc5 **Description** The issue allows an authenticated user to inject JavaScript, potentially gaining administrator privileges and executing JavaScript against other users, including unauthenticated ones. This is achieved via the `name`, `title`, or `id` parameter to the "plugins/dokuwiki/lib/plugins/changelinks/syntax.php" endpoint. **Recommendations** For Flyspray versions 1.0-rc4 through 1.0-rc5, update to version 1.0-rc6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Kanboard versions prior to 1.0.47 **Description** The issue allows an authenticated user to edit swimlanes of a private project belonging to another user by altering form data. **Recommendations** For versions prior to 1.0.47, update to version 1.0.47 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Kanboard versions prior to 1.0.47 **Description** The issue allows an authenticated user to edit columns of a private project belonging to another user by altering form data. **Recommendations** For versions prior to 1.0.47, update to version 1.0.47 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Kanboard versions prior to 1.0.47 **Description** The issue allows an authenticated user to remove categories from a private project of another user by altering form data. **Recommendations** For versions prior to 1.0.47, update to version 1.0.47 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Kanboard versions prior to 1.0.47 **Description** The issue allows an authenticated user to see the names of tags of a private project of another user by altering form data. **Recommendations** For versions prior to 1.0.47, update to version 1.0.47 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Kanboard versions prior to 1.0.47 **Description** The issue allows an authenticated user to remove attachments from a private project of another user by altering form data. **Recommendations** For versions prior to 1.0.47, update to version 1.0.47 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Tine 2.0 Community Edition versions prior to 2017.08.4 **Description** The issue allows an authenticated user to inject JavaScript via the `Filename` of the Filemanager, which is then mishandled during rendering by the application administrator and other users. This occurs due to a Stored XSS vulnerability involving the IMG element. **Recommendations** For versions prior to 2017.08.4, update to version 2017.08.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Tine 2.0 Community Edition versions prior to 2017.08.4 **Description** The issue allows an authenticated user to inject JavaScript via a Stored XSS vulnerability, specifically through the IMG element at the "Leadname" of CRM. This injected JavaScript is mishandled during rendering and can affect the application administrator and other users. **Recommendations** For versions prior to 2017.08.4, update to version 2017.08.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the "Leadname" field in the CRM to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Tiki versions prior to 16.3 Tiki versions 17.x prior to 17.1 Tiki versions 12.x prior to 12.12 LTS Tiki versions 15.x prior to 15.5 LTS **Description** A Cross-Site Request Forgery (CSRF) issue exists via the IMG element, allowing an authenticated user to gain administrator privileges if an administrator opens a wiki page containing a malicious IMG element, related to the tiki-assignuser.php file. **Recommendations** For Tiki versions prior to 16.3, update to version 16.3 or later. For Tiki versions 17.x prior to 17.1, update to version 17.1 or later. For Tiki versions 12.x prior to 12.12 LTS, update to version 12.12 LTS or later. For Tiki versions 15.x prior to 15.5 LTS, update to version 15.5 LTS or later.

**Name of the Vulnerable Software and Affected Versions** Tiki versions prior to 16.3 Tiki versions 17.x prior to 17.1 Tiki versions 12.x prior to 12.12 LTS Tiki versions 15.x prior to 15.5 LTS **Description** A Cross-Site Request Forgery (CSRF) issue exists via the IMG element, allowing an authenticated user to modify global permissions if an administrator opens a malicious wiki page. This could lead to assigning administrator privileges to unauthenticated users, related to the `tiki-objectpermissions.php` file. **Recommendations** For Tiki versions prior to 16.3, update to version 16.3 or later. For Tiki versions 17.x prior to 17.1, update to version 17.1 or later. For Tiki versions 12.x prior to 12.12 LTS, update to version 12.12 LTS or later. For Tiki versions 15.x prior to 15.5 LTS, update to version 15.5 LTS or later.

**Name of the Vulnerable Software and Affected Versions** eGroupware Community Edition versions prior to 16.1.20170922 **Description** The issue allows an unauthenticated remote attacker to inject JavaScript via the `User-Agent` HTTP header, which is mishandled during rendering by the application administrator. This occurs because the application fails to properly handle the `User-Agent` header, allowing malicious input to be executed. **Recommendations** For versions prior to 16.1.20170922, update to version 16.1.20170922 or later to resolve the issue. As a temporary workaround, consider restricting access to the application administrator interface to minimize the risk of exploitation. Avoid using the `User-Agent` header in the affected application until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Tine 2.0 Community Edition versions prior to 2017.08.4 **Description** The issue allows an authenticated user to inject JavaScript via an IMG element at the "History" of Profile, Calendar, Tasks, and CRM. This JavaScript is mishandled during rendering by the application administrator and other users. **Recommendations** For versions prior to 2017.08.4, update to version 2017.08.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the "History" section of Profile, Calendar, Tasks, and CRM to minimize the risk of exploitation.