Fmancardi

#18278 of 53,630
14.9 Total CVSS
Vulnerabilities · 2
Medium · 1
High · 1
PT-2020-20249
8.8
2020-04-03
Testlink · Testlink · CVE-2020-8639
**Name of the Vulnerable Software and Affected Versions** TestLink version 1.9.20 **Description** An unrestricted file upload vulnerability in keywordsImport.php lets an authenticated remote attacker upload a file with an executable extension (for example a `.php` file containing arbitrary PHP) that is written to a publicly accessible directory of the application. Requesting that file through the web server then executes the attacker's code, which can in turn run operating system commands with the privileges of the web server process. **Recommendations** For TestLink version 1.9.20, restrict access to keywordsImport.php (for example at the web server or reverse proxy) to trusted users until a fixed release is installed. As a temporary workaround, validate uploads on the import endpoint: accept only the extensions the import actually needs, reject executable extensions anywhere in the file name (not just at the end), give stored files a server-chosen name, and keep the upload directory outside the web root or configured so the web server never executes scripts from it.
PT-2020-10409
6.1
2020-01-20
Testlink · Testlink · CVE-2019-20381
**Name of the Vulnerable Software and Affected Versions** TestLink versions prior to 1.9.20 **Description** The issue allows XSS via a non-lowercase `javascript:` scheme (for example `JaVaScRiPt:`) in the `reqURI` parameter of index.php. It exists because the fix for a previous issue only rejected the lowercase string `javascript:`, while browsers match URL schemes case-insensitively. **Recommendations** For versions prior to 1.9.20, update to version 1.9.20 or later to resolve the issue. As a temporary workaround, validate the `reqURI` value server-side before it is reflected: strip whitespace and control characters, parse the scheme case-insensitively, and accept only `http`, `https` or a same-site relative path. Blocklisting particular spellings of `javascript:` is the approach that produced this incomplete fix.
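The difference between the incomplete fix and a scheme allowlist, as an added Python example written for this page (not TestLink's code, and not the actual logic of index.php). `naive_is_safe` stands in for the kind of lowercase-only check the CVE describes as incomplete; `is_safe_redirect_target` is the allowlist check the workaround recommends. Function names and the set of allowed schemes are assumptions.

```python
"""Added example, not TestLink code: why rejecting only lowercase
"javascript:" fails, and a scheme allowlist that does not."""
import re
from typing import Optional

ALLOWED_SCHEMES = {"http", "https"}

# Browsers strip leading/trailing C0 controls and spaces from a URL and
# remove tab/newline anywhere before reading the scheme, so a check has to
# normalise the same way before looking at the value.
_CONTROL_OR_SPACE = re.compile(r"[\x00-\x20\x7f]")
_SCHEME = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")


def naive_is_safe(uri: str) -> bool:
    """Incomplete fix: only the exact lowercase prefix is rejected."""
    return not uri.startswith("javascript:")


def extract_scheme(uri: str) -> Optional[str]:
    """Scheme as a browser would see it, lowercased, or None if relative."""
    cleaned = _CONTROL_OR_SPACE.sub("", uri)
    match = _SCHEME.match(cleaned)
    return match.group(1).lower() if match else None


def is_safe_redirect_target(uri: str) -> bool:
    """Allowlist check: http(s) absolute URLs or a single-slash relative path."""
    cleaned = _CONTROL_OR_SPACE.sub("", uri)
    scheme = extract_scheme(cleaned)
    if scheme is None:
        # Relative path: must start with exactly one "/" so that
        # protocol-relative "//evil.example" cannot leave the site.
        return cleaned.startswith("/") and not cleaned.startswith(("//", "/\\"))
    return scheme in ALLOWED_SCHEMES


if __name__ == "__main__":
    # Constructed sample values for reqURI, not captured traffic.
    samples = [
        "javascript:alert(1)",
        "JaVaScRiPt:alert(1)",        # the bypass this CVE describes
        "\tjavascript:alert(1)",      # leading control char
        "java\nscript:alert(1)",      # embedded newline
        "data:text/html,<script>alert(1)</script>",
        "https://testlink.example/index.php",
        "/index.php?x=1",
        "//evil.example/",
    ]
    for value in samples:
        print("%-44r naive=%-5s allowlist=%s" % (
            value, naive_is_safe(value), is_safe_redirect_target(value)))
```

The allowlist deliberately rejects relative values that lack a leading slash (such as `index.php`) and `data:`/`vbscript:`-style schemes without needing to enumerate them; if the application needs additional targets, add them to the allowlist rather than extending a blocklist.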