Giulioschiavone

**Name of the Vulnerable Software and Affected Versions** Orban Optimod 5950 Orban Optimod 5950HD Orban Optimod 5750 Orban Optimod 5750HD Orban Optimod Trio versions 1.0.0.33 through 2.5.26 **Description** A flaw exists that allows a remote attacker to escalate privileges. The application stores user privilege and role information in client-side browser storage, potentially allowing unauthorized access. **Recommendations** Update Orban Optimod 5950 to a version later than 2.5.26. Update Orban Optimod 5950HD to a version later than 2.5.26. Update Orban Optimod 5750 to a version later than 2.5.26. Update Orban Optimod 5750HD to a version later than 2.5.26. Update Orban Optimod Trio to a version later than 2.5.26.

**Name of the Vulnerable Software and Affected Versions** Optimod versions 1.0.0.33 and 2.5.26 Optimod 5950 Optimod 5950HD Optimod 5750 Optimod 5750HD Optimod Trio **Description** A stored cross-site scripting (XSS) issue exists in Optimod audio processors. This allows a remote attacker to execute arbitrary JavaScript code within a user's web browser. The attack involves injecting a malicious payload into the logs, which are then rendered in the user interface. **Recommendations** Update Optimod version 1.0.0.33 to a newer version. Update Optimod version 2.5.26 to a newer version. Update Optimod 5950 to a newer version. Update Optimod 5950HD to a newer version. Update Optimod 5750 to a newer version. Update Optimod 5750HD to a newer version. Update Optimod Trio to a newer version.