Edouard Schweisguth

**Name of the Vulnerable Software and Affected Versions** MunkiReport versions prior to 1.5 **Description** A Cross-Site Scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is due to a vulnerability in the munki facts module, also known as Munki Conditions. **Recommendations** For versions prior to 1.5, update to version 1.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the munki facts module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MunkiReport versions prior to 5.6.3 **Description** A SQL injection issue allows attackers to execute arbitrary SQL commands. This is achieved via the `order[0][dir]` field on POST requests to the "/datatables/data" API endpoint. **Recommendations** For versions prior to 5.6.3, update to version 5.6.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/datatables/data" API endpoint to minimize the risk of exploitation. Avoid using the `order[0][dir]` field in POST requests to this endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** MunkiReport versions prior to 3.5 **Description** A SQL injection issue in the reportdata module allows attackers to execute arbitrary SQL commands. This is achieved by manipulating the `req` parameter of the "/module/reportdata/ip" endpoint. **Recommendations** For versions prior to 3.5, consider restricting access to the "/module/reportdata/ip" endpoint until a patch is available. As a temporary workaround, avoid using the `req` parameter in the affected endpoint to minimize the risk of exploitation. Update to version 3.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MunkiReport Software Update module versions prior to 1.6 **Description** A SQL injection issue in the softwareupdate controller.php file allows attackers to execute arbitrary SQL commands via the last URL parameter of the "/module/softwareupdate/get tab data/" endpoint. **Recommendations** For versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/module/softwareupdate/get tab data/" endpoint until a patch is available. Avoid using the last URL parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** MunkiReport versions prior to 5.3.0 **Description** An issue allows an authenticated user to achieve SQL Injection in app/models/tablequery.php by crafting a special payload on the "datatables/data" endpoint. **Recommendations** For versions prior to 5.3.0, update to version 5.3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the "datatables/data" endpoint to minimize the risk of exploitation. Avoid using potentially vulnerable parameters in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Munkireport versions prior to 5.3.0.3923 **Description** An issue was discovered that allows an unauthenticated actor to send a custom XSS payload through the "/report/broken client" endpoint. The payload will be executed by any authenticated users browsing the application. This issue concerns the app/views/listings/default.php file. **Recommendations** For versions prior to 5.3.0.3923, update to version 5.3.0.3923 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/report/broken client" endpoint to minimize the risk of exploitation.