Liqiang-Fit2Cloud

**Name of the Vulnerable Software and Affected Versions** MaxKB versions prior to 2.8.0 **Description** An incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LD PRELOAD-based sandbox. The system restricts untrusted Python code execution via the 'Tool Debug API' by injecting `sandbox.so` through the `LD PRELOAD` environment variable to intercept sensitive C library functions such as `execve`, `socket`, and `open`. However, because the `/usr/bin/env` utility can be executed, an attacker can run the `env -i python` command. The `-i` flag clears all environment variables, including `LD PRELOAD`, which removes the `sandbox.so` hook. This allows the newly spawned Python process to execute natively, resulting in unrestricted Remote Code Execution (RCE) and network access. **Recommendations** Update to version 2.8.0.

**Name of the Vulnerable Software and Affected Versions** MaxKB versions prior to 2.8.0 **Description** A Stored Cross-Site Scripting (XSS) issue exists when creating an application via the application name or icon fields. When a user visits the public chat interface '/ui/chat/{access token}', the `ChatHeadersMiddleware` retrieves application data and inserts the unescaped name and icon into the HTML response using string replacement. This allows for the execution of arbitrary JavaScript in the browser context of the victim. **Recommendations** Update to version 2.8.0.

**Name of the Vulnerable Software and Affected Versions** MaxKB versions prior to 2.8.0 **Description** Authenticated users can inject arbitrary HTML and JavaScript into the Application prologue (Opening Remarks) field by wrapping malicious payloads in <html rander> tags. The backend fails to sanitize or encode HTML entities in the prologue field when applications are created or updated via the '/admin/api/workspace/{workspace id}/application' endpoint, storing the raw payload in the database. The frontend renders this content using an innerHTML-equivalent mechanism, allowing persistent DOM-based Stored Cross-Site Scripting (XSS) execution against any visitor who opens the affected chatbot interface. This can lead to session hijacking, sensitive data exposure, and unauthorized actions such as deleting workspaces or applications. **Recommendations** Update to version 2.8.0.

Name of the Vulnerable Software and Affected Versions: MeterSphere versions prior to 3.6.5-lts Description: MeterSphere, a continuous testing platform, contains a flaw due to improper validation or sanitization of the `sortField` parameter in specific API endpoints. This allows attackers to inject and execute arbitrary SQL statements through the sorting functionality, potentially leading to modification or deletion of database contents and a full compromise of the application’s database integrity and availability. Recommendations: Update to version 3.6.5-lts or later.

Name of the Vulnerable Software and Affected Versions: MaxKB versions prior to 1.10.4-lts Description: A reverse shell vulnerability exists in the module of the function library, allowing privileged users to create a reverse shell. This issue is related to the function library module. Recommendations: For versions prior to 1.10.4-lts, update to version 1.10.4-lts to resolve the issue. As a temporary workaround, consider restricting access to the function library module to minimize the risk of exploitation.