Geoffrey Robert

**Name of the Vulnerable Software and Affected Versions** GestSup versions up to and including 3.2.56 **Description** The application does not verify the authenticity of client requests, leading to a cross-site request forgery condition. An attacker can potentially trick a logged-in user into submitting malicious requests, allowing the attacker to perform actions with the user's permissions. Specifically, this can be used to create privileged accounts by targeting the administrative user creation endpoint ''/admin/createUser''. The `createUser()` function is vulnerable to this attack. **Recommendations** Versions prior to 3.2.56 are recommended to be used.

**Name of the Vulnerable Software and Affected Versions** GestSup versions up to and including 3.2.56 **Description** GestSup versions up to and including 3.2.56 contain a SQL injection issue in the search bar functionality. User-controlled search input is incorporated into SQL queries without sufficient neutralization, allowing an authenticated attacker to manipulate database queries. Successful exploitation can result in unauthorized access to or modification of database contents depending on database privileges. The vulnerable component is the search bar. The input to the search bar, controlled by the user, is directly used in SQL queries without proper sanitization. **Recommendations** Update GestSup to a version newer than 3.2.56.

**Name of the Vulnerable Software and Affected Versions** GestSup versions up to and including 3.2.56 **Description** GestSup versions up to and including 3.2.56 contain a SQL injection issue in the ticket creation functionality. User-controlled input during ticket creation is used in SQL queries without proper sanitization, potentially allowing an authenticated attacker to manipulate database queries. Successful exploitation could lead to unauthorized access or modification of database contents, depending on database privileges. **Recommendations** Update GestSup to a version newer than 3.2.56.

**Name of the Vulnerable Software and Affected Versions** GestSup versions up to and including 3.2.56 **Description** GestSup versions up to and including 3.2.56 have multiple SQL injection flaws in the asset list functionality. Request parameters used to filter, search, or sort assets are included in SQL queries without proper sanitization. A successful attack by an authenticated user could lead to unauthorized access or modification of database contents, depending on database permissions. **Recommendations** Update GestSup to a version newer than 3.2.56.

**Name of the Vulnerable Software and Affected Versions** GestSup versions up to and including 3.2.56 **Description** GestSup versions up to and including 3.2.56 contain a pre-authentication stored cross-site scripting (XSS) issue in the API error logging functionality. An unauthenticated attacker can inject attacker-controlled HTML/JavaScript into log entries by sending a crafted API request with a malicious `X-API-KEY` header value to the `/api/v1/ticket.php` endpoint. When an administrator views the affected logs in the web interface, the injected content is rendered without proper output encoding, leading to arbitrary script execution in the administrator’s browser session. **Recommendations** GestSup versions prior to 3.2.56 should be updated.