David R Newman

**Name of the Vulnerable Software and Affected Versions** EPrints version 3.4.2 **Description** The issue exposes a reflected XSS opportunity via a cgi/cal URI. **Recommendations** For EPrints version 3.4.2, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** EPrints version 3.4.2 **Description** The issue allows for a reflected XSS opportunity. This is due to the dataset parameter in the "cgi/dataset dictionary" URI being vulnerable. **Recommendations** For EPrints version 3.4.2, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** EPrints version 3.4.2 **Description** The issue allows remote attackers to read arbitrary files and possibly execute commands by providing crafted JSON or XML input to the "cgi/ajax/phrase" API endpoint. **Recommendations** For EPrints version 3.4.2, consider restricting access to the cgi/ajax/phrase URI until a patch is available. As a temporary workaround, avoid using the cgi/ajax/phrase endpoint with JSON or XML input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** EPrints version 3.4.2 **Description** The issue allows remote attackers to execute arbitrary commands via crafted input to the `verb` parameter in a "cgi/toolbox/toolbox" URI. This can lead to unauthorized access and control of the system. **Recommendations** For EPrints version 3.4.2, consider restricting access to the "cgi/toolbox/toolbox" URI until a patch is available. As a temporary workaround, avoid using the `verb` parameter in the affected URI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.