Felipe Monteiro

Name of the Vulnerable Software and Affected Versions Phoca Maps versions 5.0.0 through 6.0.2 Description The Phoca Maps component contains stored cross-site scripting (XSS) vulnerabilities in the maps and icon rendering logic. These flaws could allow an attacker to inject malicious scripts into web pages viewed by other users. Recommendations Update Phoca Maps to a version later than 6.0.2.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 17.5 iPadOS versions prior to 17.5 **Description** This issue was addressed through improved state management. An attacker with physical access to a device may be able to disable Stolen Device Protection. **Recommendations** For iOS versions prior to 17.5, update to iOS 17.5 to resolve the issue. For iPadOS versions prior to 17.5, update to iPadOS 17.5 to resolve the issue.