Gabriele Gristina

**Name of the Vulnerable Software and Affected Versions** D-Link DSL-320B-D1 devices through EU 1.25 **Description** The issue is related to a buffer overflow in the device's firmware, allowing a remote attacker to gain unauthorized access to the device with user login.xgi privileges. The vulnerability can be exploited by unauthenticated remote attackers via the `login.xgi` user and pass parameters. It is noted that this issue only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DSL-320B-D1 devices through EU 1.25, as a temporary workaround, consider disabling the `login.xgi` user until a patch is available. Restrict access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) version 2.1 **Description** The issue is related to insufficient validation of user-supplied input in the web-based guest portal, allowing an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack. This could enable the attacker to execute arbitrary script code or access sensitive browser-based information by persuading a user to click a crafted link. **Recommendations** For Cisco ISE software version 2.1, update to a version that includes the fix for this issue to prevent cross-site scripting attacks. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation. Avoid using the interface with untrusted input until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** IBM Worklight Framework versions 6.1 through 8.0 **Description** A Reflected Cross Site Scripting (XSS) issue exists in the authorization function of the RESTful Web Api. The `scope` parameter is vulnerable; if its value is set to a "realm" not defined in authenticationConfig.xml, it will be reflected in the HTTP response body. This allows for the injection of arbitrary JavaScript code, potentially modifying the authorization flow and leading to credential disclosure within a trusted session. **Recommendations** For IBM Worklight Framework versions 6.1 through 8.0, as a temporary workaround, consider restricting the use of the `scope` parameter in the authorization function until a patch is available. Avoid setting the `scope` parameter to arbitrary values, especially those that could be interpreted as JavaScript code, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.