Edwin Shajan

**Name of the Vulnerable Software and Affected Versions** Information Kerala Mission SANCHAYA version 3.0.4 **Description** The issue in the Property Tax Payment Portal of Information Kerala Mission SANCHAYA allows attackers to arbitrarily modify payment amounts via a crafted request. **Recommendations** For version 3.0.4, consider restricting access to the payment modification functionality until a patch is available. As a temporary workaround, monitor payment transactions closely to detect and prevent any unauthorized modifications.

**Name of the Vulnerable Software and Affected Versions** KSRTC AWATAR app version 1.3.0 **Description** The issue is related to incorrect access control, allowing unauthorized viewing of sensitive information, including `usernames` and `passwords`. **Recommendations** For version 1.3.0, consider restricting access to sensitive information until a patch is available. As a temporary workaround, avoid using the app for sensitive transactions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.