Kov404

**Name of the Vulnerable Software and Affected Versions** Fiora chat application version 1.0.0 **Description** A Cross Site Scripting (XSS) issue exists in the Fiora chat application. The application allows the execution of arbitrary JavaScript code when malicious SVG files are rendered by other users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux Server Heimdall version 2.6.1 **Description** An issue in Linux Server Heimdall allows a remote attacker to execute arbitrary code via a crafted script to the "Add new application" endpoint. **Recommendations** For Linux Server Heimdall version 2.6.1, update to a newer version that contains a fix for this issue.