Goh Jing Loon

**Name of the Vulnerable Software and Affected Versions** NetGuardian DIN Remote Telemetry Unit (RTU) (affected versions not specified) **Description** The issue concerns multiple security vulnerabilities in the web interface of the NetGuardian DIN Remote Telemetry Unit (RTU). Attackers can exploit these vulnerabilities to perform critical actions such as escalating user privileges, stealing user credentials, Cross Site Scripting (XSS), and Cross-Site Request Forgery (CSRF). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** node-red-dashboard versions prior to 2.17.0 **Description** The issue allows for JavaScript injection due to the ui notification node accepting raw HTML by default. **Recommendations** For node-red-dashboard versions prior to 2.17.0, update to version 2.17.0 or later to resolve the issue.