Dila

**Name of the Vulnerable Software and Affected Versions** OpenText FirstClass version 8.0 **Description** The issue arises from improper sanitization of strings before they are passed to the Windows ShellExecute API. This allows remote attackers to execute arbitrary commands via a UNC path in a bookmark. **Recommendations** For OpenText FirstClass version 8.0, consider disabling the use of UNC paths in bookmarks until a patch is available. Restrict access to the Windows ShellExecute API to minimize the risk of exploitation. Avoid using the bookmark feature with UNC paths in the affected version until the issue is resolved.