Claudio Bozzato

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 **Description** A flaw allows an application to potentially access protected user data due to a downgrade issue. This issue was addressed with additional code-signing restrictions. **Recommendations** Update to macOS Tahoe 26.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.7.3 **Description** An application may be able to circumvent launch constraint protections and execute malicious code with elevated privileges. **Recommendations** Update to macOS version 15.7.3.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo versions 14.4 WWBN AVideo dev master commit 8a8954ff **Description** A cross-site scripting (xss) vulnerability exists due to the `videoNotFound` `404ErrorMsg` parameter functionality. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this issue. **Recommendations** WWBN AVideo version 14.4: Address the vulnerability in the `videoNotFound` `404ErrorMsg` parameter to prevent arbitrary Javascript execution. WWBN AVideo dev master commit 8a8954ff: Address the vulnerability in the `videoNotFound` `404ErrorMsg` parameter to prevent arbitrary Javascript execution.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo version 14.4 WWBN AVideo dev master commit 8a8954ff **Description** An incomplete blacklist in the `.htaccess` sample allows for arbitrary code execution via a specially crafted HTTP request. An attacker can request a `.phar` file to trigger this issue. **Recommendations** Update WWBN AVideo to a version with a complete blacklist in the `.htaccess` sample. Avoid allowing requests for `.phar` files.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo versions 14.4 and dev master commit 8a8954ff **Description** A race condition exists in the `aVideoEncoder.json.php` unzip functionality. A series of specially crafted HTTP requests can lead to arbitrary code execution. **Recommendations** WWBN AVideo version 14.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability. WWBN AVideo dev master commit 8a8954ff: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo version 14.4 WWBN AVideo dev master commit 8a8954ff **Description** A cross-site scripting (xss) issue exists in the LoginWordPress loginForm `cancelUri` parameter functionality. A crafted HTTP request can lead to arbitrary Javascript execution. An attacker can trigger this issue by getting a user to visit a webpage. **Recommendations** For WWBN AVideo version 14.4, sanitize or encode the `cancelUri` parameter to prevent the injection of malicious scripts. For WWBN AVideo dev master commit 8a8954ff, sanitize or encode the `cancelUri` parameter to prevent the injection of malicious scripts.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo versions 14.4 dev master commit 8a8954ff **Description** A cross-site scripting (xss) vulnerability exists in the `managerPlaylists PlaylistOwnerUsersId` parameter functionality. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerability. **Recommendations** WWBN AVideo version 14.4: Sanitize or encode user input for the `managerPlaylists PlaylistOwnerUsersId` parameter to prevent the injection of malicious scripts. dev master commit 8a8954ff: Sanitize or encode user input for the `managerPlaylists PlaylistOwnerUsersId` parameter to prevent the injection of malicious scripts.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo versions 14.4 and dev master commit 8a8954ff **Description** A cross-site scripting (xss) vulnerability exists in the `videosList` page parameter functionality. A specially crafted HTTP request can lead to arbitrary Javascript execution, potentially allowing an attacker to execute malicious code when a user visits a webpage. **Recommendations** WWBN AVideo version 14.4: Address the vulnerability in the `videosList` page parameter functionality to prevent arbitrary Javascript execution. WWBN AVideo dev master commit 8a8954ff: Address the vulnerability in the `videosList` page parameter functionality to prevent arbitrary Javascript execution.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo versions 14.4 and dev master commit 8a8954ff **Description** A cross-site scripting (xss) vulnerability exists due to the improper handling of the `cancelUri` parameter within the userLogin functionality. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can potentially trigger this vulnerability by getting a user to visit a malicious webpage. **Recommendations** WWBN AVideo version 14.4: Sanitize or properly encode the `cancelUri` parameter to prevent the injection of malicious scripts. WWBN AVideo dev master commit 8a8954ff: Sanitize or properly encode the `cancelUri` parameter to prevent the injection of malicious scripts.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.2 **Description** The issue is related to insufficient access control in the NVRAM Variable Handler component of MacOS, which may allow an attacker to gain unauthorized access to protected information. The problem was addressed with improved validation of environment variables. An app may be able to edit NVRAM variables. **Recommendations** For versions prior to 15.2, update to macOS Sequoia 15.2 to resolve the issue. As a temporary workaround, consider restricting access to NVRAM variables to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.7.2 macOS versions prior to 15.2 Description: The issue was addressed with improved permissions logic. An app may be able to modify protected parts of the file system. Recommendations: For macOS versions prior to 14.7.2, update to macOS Sonoma 14.7.2. For macOS versions prior to 15.2, update to macOS Sequoia 15.2.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.7 macOS Sonoma versions prior to 14.7 macOS Sequoia versions prior to 15 **Description** A library injection issue was addressed with additional restrictions. This issue allows an app to potentially modify protected parts of the file system. **Recommendations** For macOS versions prior to 13.7, update to macOS Ventura 13.7 to resolve the issue. For macOS Sonoma versions prior to 14.7, update to macOS Sonoma 14.7 to resolve the issue. For macOS Sequoia versions prior to 15, update to macOS Sequoia 15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.7.6 macOS versions prior to 13.6.8 macOS versions prior to 14.6 **Description** An input validation issue was addressed with improved input validation, which may allow an app to modify protected parts of the file system. **Recommendations** For macOS versions prior to 12.7.6, update to macOS Monterey 12.7.6 to resolve the issue. For macOS versions prior to 13.6.8, update to macOS Ventura 13.6.8 to resolve the issue. For macOS versions prior to 14.6, update to macOS Sonoma 14.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo dev master commit 15fed957fb **Description** A recovery notification bypass issue exists in the userRecoverPass.php captcha validation functionality. This allows a specially crafted HTTP request to silently create a recovery pass code for any user. **Recommendations** As a temporary workaround, consider disabling the captcha validation functionality in the userRecoverPass.php file until a patch is available. Restrict access to the userRecoverPass.php file to minimize the risk of exploitation. Avoid using the recovery pass code functionality in the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo dev master commit 15fed957fb **Description** An information disclosure issue exists in the aVideoEncoderReceiveImage.json.php image upload functionality. A specially crafted HTTP request can lead to arbitrary file read. This issue is triggered by the `downloadURL image` parameter. **Recommendations** As a temporary workaround, consider restricting access to the aVideoEncoderReceiveImage.json.php functionality until a patch is available. Avoid using the `downloadURL image` parameter in the affected image upload functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo dev master commit 15fed957fb **Description** A login attempt restriction bypass issue exists in the `checkLoginAttempts` functionality. This can be triggered by a specially crafted HTTP request, leading to captcha bypass. An attacker can exploit this to brute force user credentials by sending a series of HTTP requests. **Recommendations** For WWBN AVideo dev master commit 15fed957fb, as a temporary workaround, consider disabling the `checkLoginAttempts` functionality until a patch is available. Restrict access to the login functionality to minimize the risk of exploitation. Avoid using the login feature in the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo dev master commit 15fed957fb **Description** A vulnerability exists in the import.json.php temporary copy functionality, allowing unrestricted PHP file uploads. This can lead to arbitrary code execution when combined with a Local File Inclusion (LFI) vulnerability. An attacker can exploit this issue by sending specially crafted HTTP requests. **Recommendations** As a temporary workaround, consider disabling the import.json.php functionality until a patch is available. Restrict access to the temporary copy functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo dev master commit 15fed957fb **Description** An information disclosure issue exists in the image404Raw.php functionality. A specially crafted HTTP request can lead to arbitrary file read. **Recommendations** For WWBN AVideo dev master commit 15fed957fb, consider restricting access to the image404Raw.php functionality until a patch is available. As a temporary workaround, avoid using this functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo dev master commit 15fed957fb **Description** An information disclosure issue exists in the aVideoEncoderReceiveImage.json.php image upload functionality. A specially crafted HTTP request can lead to arbitrary file read. This issue is triggered by the `downloadURL gifimage` parameter. **Recommendations** As a temporary workaround, consider restricting access to the `aVideoEncoderReceiveImage.json.php` file until a patch is available. Avoid using the `downloadURL gifimage` parameter in the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WWBN AVideo dev master commit 15fed957fb **Description** A cross-site scripting (xss) issue exists in the navbarMenuAndLogo.php user name functionality. This allows an attacker to execute arbitrary Javascript code through a specially crafted HTTP request. An attacker can exploit this by getting a user to visit a malicious webpage. **Recommendations** For WWBN AVideo dev master commit 15fed957fb, consider disabling the user name functionality in navbarMenuAndLogo.php until a patch is available to prevent arbitrary Javascript execution. Restrict access to this functionality to minimize the risk of exploitation. Avoid using the user name field in the navbarMenuAndLogo.php file until the issue is resolved.