Grzegorz Misiun

Name of the Vulnerable Software and Affected Versions Cisco Integrated Management Controller (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker with admin-level privileges to execute arbitrary code as the root user. This is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this by sending crafted HTTP requests to an affected device. Successful exploitation could allow the attacker to execute arbitrary code on the underlying operating system as the root user. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Cisco IMC (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC that may allow a remote attacker with administrative privileges to perform a stored Cross-Site Scripting (XSS) attack against a user of the interface. This is caused by inadequate validation of user input. An attacker could potentially trick a user into clicking a malicious link, leading to the execution of arbitrary script code in the user's browser or the compromise of sensitive browser-based information. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Integrated Management Controller (IMC) (affected versions not specified) **Description** A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker with read-only privileges to inject commands and execute arbitrary commands as the root user. This is due to insufficient validation of user-supplied input. An attacker could exploit this by sending crafted commands to the web-based management interface. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Cisco IMC (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC that could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary commands as the root user. This is due to insufficient validation of user-supplied input. An attacker could exploit this by sending crafted commands to the web-based management interface. Successful exploitation could lead to arbitrary command execution on the underlying operating system with root privileges. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Cisco Integrated Management Controller (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker with admin-level privileges to inject commands and execute arbitrary code as the root user. This is due to insufficient validation of user-supplied input. An attacker could exploit this by sending crafted commands to the web-based management interface. Successful exploitation could lead to arbitrary command execution on the operating system with root privileges. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Cisco IMC (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker to perform a reflected cross-site scripting (XSS) attack against a user. This is caused by inadequate validation of user input. An attacker could trick a user into clicking a specially crafted link, potentially leading to the execution of arbitrary script code in the user's browser or the compromise of sensitive browser-based information. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Cisco Integrated Management Controller (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC due to insufficient validation of user input. This could allow an authenticated, remote attacker with administrative privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface. An attacker could exploit this by persuading a user to click a crafted link, potentially allowing the execution of arbitrary script code in the user's browser or access to sensitive, browser-based information. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Cisco IMC (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker with administrative privileges to perform a stored cross-site scripting (XSS) attack against a user of the interface. This is due to inadequate validation of user input. An attacker could trick a user into clicking a malicious link, potentially enabling the execution of arbitrary script code in the user's browser or gaining access to sensitive browser-based information. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Cisco IMC (affected versions not specified) Description A flaw exists in the web-based management interface of Cisco IMC that could allow a remote attacker with administrative privileges to perform a stored cross-site scripting (XSS) attack against a user of the interface. This is due to inadequate validation of user input. An attacker could potentially trick a user into clicking a malicious link, which could lead to the execution of arbitrary script code in the user's browser or the compromise of sensitive browser-based information. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Backdrop CMS versions 1.28.x through 1.28.4 Backdrop CMS versions 1.29.x through 1.29.2 Description: A cross-site scripting (XSS) issue was discovered in Backdrop CMS when using the CKEditor 5 rich text editor. The issue arises because the system does not sufficiently isolate long text content, allowing a potential attacker to craft specialized HTML and JavaScript that may be executed when an administrator attempts to edit a piece of content. This issue is mitigated by the fact that an attacker must have the ability to create long text content and an administrator must edit the content that contains the malicious content. Recommendations: For Backdrop CMS versions 1.28.x through 1.28.4, update to version 1.28.5 or later. For Backdrop CMS versions 1.29.x through 1.29.2, update to version 1.29.3 or later. As a temporary workaround, consider disabling the CKEditor 5 module until a patch is available. Restrict access to the node or comment forms to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Backdrop CMS versions 1.28.x through 1.28.4 Backdrop CMS versions 1.29.x through 1.29.2 Description: A security issue was discovered related to the validation of uploaded SVG images. These images can contain clickable links and executable scripting. An attacker could potentially execute scripting in the browser when an SVG image is viewed directly by its URL. However, the attacker must have the ability to upload SVG images, and the scripting is prevented from executing when the SVG is embedded within `<img>` tags. Recommendations: For Backdrop CMS versions 1.28.x through 1.28.4, update to version 1.28.5 or later. For Backdrop CMS versions 1.29.x through 1.29.2, update to version 1.29.3 or later.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 Mattermost versions 9.7.x through 9.7.1 **Description** The issue arises from the failure to check if the email signup configuration option is enabled when a user requests to switch from SAML to email authentication. This allows a user to switch their authentication method and potentially edit personal details that were otherwise non-editable and provided by the SAML provider. **Recommendations** For Mattermost versions 8.1.x through 8.1.12, update to a version later than 8.1.12 to resolve the issue. For Mattermost versions 9.5.x through 9.5.3, update to a version later than 9.5.3 to resolve the issue. For Mattermost versions 9.6.x through 9.6.1, update to a version later than 9.6.1 to resolve the issue. For Mattermost versions 9.7.x through 9.7.1, update to a version later than 9.7.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 8.1.x through 8.1.11 Mattermost versions 9.4.x through 9.4.4 Mattermost versions 9.5.x through 9.5.2 Mattermost versions 9.6.x through 9.6.0 **Description** The issue allows an attacker to obtain information about the server, including the full path where files are stored, due to detailed error messages not being removed in API requests even when developer mode is off. **Recommendations** For versions 8.1.x through 8.1.11, update to a version later than 8.1.11 to resolve the issue. For versions 9.4.x through 9.4.4, update to a version later than 9.4.4 to resolve the issue. For versions 9.5.x through 9.5.2, update to a version later than 9.5.2 to resolve the issue. For versions 9.6.x through 9.6.0, update to a version later than 9.6.0 to resolve the issue. As a temporary workaround, consider restricting access to API endpoints that may reveal detailed error messages until a patch is available.