Chris Burge

**Name of the Vulnerable Software and Affected Versions** Acquia DAM versions 0.0.0 through 1.1.4 **Description** A missing authorization issue exists in Drupal Acquia DAM, allowing for forceful browsing. This allows unauthorized access to resources. **Recommendations** Update Acquia DAM to version 1.1.5 or later.

Name of the Vulnerable Software and Affected Versions: oEmbed Providers versions 0.0.0 through 2.2.1 Description: The issue affects oEmbed Providers, allowing Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation. Recommendations: For versions 0.0.0 through 2.2.1, update to version 2.2.2 or later to resolve the issue.