Chris Davis

Name of the Vulnerable Software and Affected Versions: Froala WYSIWYG Editor version 3.2.6-1 Description: The issue is related to a namespace confusion during parsing, which leads to a cross-site scripting (XSS) problem. Recommendations: For Froala WYSIWYG Editor version 3.2.6-1, update to a version that fixes the namespace confusion issue to prevent XSS attacks.

Name of the Vulnerable Software and Affected Versions: Cloud Manager versions prior to 3.9.4 Description: The issue allows a remote attacker to overwrite arbitrary system files. Recommendations: For Cloud Manager versions prior to 3.9.4, update to version 3.9.4 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Cloud Manager versions prior to 3.9.4 Description: The issue is related to an insecure Cross-Origin Resource Sharing (CORS) policy. This could allow a remote attacker to interact with Cloud Manager. CORS is a security feature that restricts web pages from making requests to a different origin (domain, protocol, or port) than the one the web page was loaded from. An insecure CORS policy can allow malicious scripts to make unauthorized requests on behalf of the user. Recommendations: For Cloud Manager versions prior to 3.9.4, update to version 3.9.4 or later to resolve the issue. As a temporary workaround, consider restricting access to Cloud Manager to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Cloud Manager versions prior to 3.9.4 Description: The issue allows a remote attacker to cause a Denial of Service (DoS). Recommendations: For Cloud Manager versions prior to 3.9.4, update to version 3.9.4 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: R versions prior to 4.0.3 Description: The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the `install.packages()` function from the interpreter. Recommendations: Update to version 4.0.3 to resolve the issue. As a temporary workaround, consider restricting the use of the `install.packages()` function and the R CMD install cli command until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Immuta version 2.8.2 **Description** The issue is related to improper session management, where user sessions are not revoked upon logout. **Recommendations** For Immuta version 2.8.2, consider implementing a custom session revocation mechanism upon user logout as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Immuta version 2.8.2 **Description** The issue allows a low-privileged user to escalate privileges to administrative permissions through stored XSS. Additionally, unauthenticated attackers can exploit reflected, DOM-based XSS to phish unauthenticated Immuta users, potentially stealing credentials or forcing actions on authenticated users. **Recommendations** For Immuta version 2.8.2, consider disabling the functionality that allows user input to be stored and displayed, as a temporary workaround to mitigate the risk of stored XSS exploitation. Restrict access to sensitive areas of the application to minimize the risk of privilege escalation. Avoid using the application until a fix is available to prevent potential phishing attacks through reflected, DOM-based XSS. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Immuta version 2.8.2 **Description** The issue is related to insecure permissions, which can lead to user account takeover. **Recommendations** For Immuta version 2.8.2, update to a version that addresses the insecure permissions issue to prevent user account takeover.

**Name of the Vulnerable Software and Affected Versions** Immuta version 2.8.2 **Description** The issue allows attackers to inject arbitrary HTML content into the application by supplying malicious project names. This could be used to redirect users to a phishing website in an attempt to steal credentials. **Recommendations** For Immuta version 2.8.2, update to a version that properly sanitizes user-supplied input to prevent HTML injection attacks. As a temporary workaround, consider restricting user input for project names to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Winston version 1.5.4 **Description** The issue concerns a lack of authorization enforcement in the affected devices. This can be exploited from within the intranet and potentially combined with other vulnerabilities to achieve remote exploitation. **Recommendations** For Winston version 1.5.4, consider implementing strict authorization controls to mitigate the risk of exploitation. As a temporary workaround, restrict access to sensitive areas of the device from the intranet to minimize the risk of unauthorized access.

**Name of the Vulnerable Software and Affected Versions** Winston version 1.5.4 **Description** The issue allows for a U-Boot interrupt, which can result in local root access. **Recommendations** For version 1.5.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Winston version 1.5.4 **Description** The issue concerns an undocumented SSH user account in Winston devices, which allows access from bastion hosts. This account is not mentioned in device documentation and its existence is not disclosed to users. **Recommendations** For Winston version 1.5.4, consider restricting access to the undocumented SSH user account to minimize potential risks until a formal fix or documentation update is provided. As a temporary workaround, review and adjust device configurations to limit access from bastion hosts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Winston version 1.5.4 **Description** The issue allows for command injection via the API. **Recommendations** For version 1.5.4, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Winston version 1.5.4 **Description** The API on Winston devices is vulnerable to CSRF, which is a type of attack that tricks a user into performing unintended actions on a web application. **Recommendations** For version 1.5.4, consider implementing CSRF protection mechanisms, such as token-based validation, to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** TinyMCE versions 4.9.10 and earlier TinyMCE versions 5.2.1 and earlier TinyMCE versions 5.4.0 and earlier **Description** A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script when configured in classic editing mode. The vulnerability is in the core parser and allows arbitrary JavaScript execution when inserting a specially crafted piece of content into the editor via the clipboard or APIs. **Recommendations** For TinyMCE versions 4.9.10 and earlier, upgrade to TinyMCE 4.9.11. For TinyMCE versions 5.2.1 and earlier, upgrade to TinyMCE 5.4.1. For users who cannot upgrade immediately, enable the media plugin to override the default parsing behaviour for iframes. Alternatively, add a workaround to update the parsing schema rules for iframes by using the following code: ```js setup: function(editor) { editor.on('PreInit', function() { editor.schema.getSpecialElements()['iframe'] = /</iframe[^>]*>/gi; }); } ```

**Name of the Vulnerable Software and Affected Versions** LibreHealth EMR version 2.0.0 **Description** The issue is related to systemic CSRF, which affects the software's ability to prevent cross-site request forgery attacks. **Recommendations** For LibreHealth EMR version 2.0.0, consider implementing proper CSRF token validation to prevent unauthorized requests. As a temporary workaround, restrict access to sensitive functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LibreHealth EMR version 2.0.0 **Description** The issue allows for cross-site scripting (XSS) attacks, which can force arbitrary actions on behalf of other users, including administrators. This means an attacker could potentially perform actions as if they were another user, without that user's knowledge or consent. **Recommendations** For LibreHealth EMR version 2.0.0, as a temporary workaround, consider disabling any features that may be susceptible to XSS attacks until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. Avoid using the application for critical tasks that could be compromised by an XSS attack until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LibreHealth EMR version 2.0.0 **Description** The issue allows low-privilege authenticated users to perform SQL injection, enabling them to enumerate the database. **Recommendations** For LibreHealth EMR version 2.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LibreHealth EMR version 2.0.0 **Description** The issue allows for Local File Inclusion, enabling the inclusion and execution of arbitrary PHP code within the application. **Recommendations** For LibreHealth EMR version 2.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SecureAuth IdP version 9.3.0 **Description** The issue is related to a client-side template injection in SecureAuth.aspx, which allows for script execution similar to XSS. This enables potential attackers to execute scripts on the client-side. **Recommendations** For SecureAuth IdP version 9.3.0, consider disabling the affected SecureAuth.aspx page until a patch is available to prevent script execution. Restrict access to this page to minimize the risk of exploitation.