Maoqiu

**Name of the Vulnerable Software and Affected Versions** opencc JFlow versions prior to 5badc00db382d7cb82dad231e6a866b18e0addfe **Description** A flaw exists in opencc JFlow that allows for injection. This manipulation can be performed remotely. The vulnerable component is the `Calculate` function within the `src/main/java/bp/wf/httphandler/WF CCForm.java` file. The project has been notified of the issue but has not yet responded. A public exploit is available. **Recommendations** Apply updates as they become available through the rolling release system. As a temporary workaround, consider restricting access to the `WF CCForm.java` file. Disable or restrict the use of the `Calculate` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** opencc JFlow versions prior to 20260129 **Description** A flaw exists in opencc JFlow’s Workflow Engine component, specifically within the `Imp Done` function of the `src/main/java/bp/wf/httphandler/WF Admin AttrFlow.java` file. This issue stems from the manipulation of the `File` argument, leading to XML External Entity (XXE) reference. The attack can be initiated remotely. The details of this issue have been publicly disclosed, and the project has been notified but has not yet responded. **Recommendations** Update opencc JFlow to a version later than 20260129. As a temporary workaround, restrict access to the `WF Admin AttrFlow.java` file. Avoid using the `File` argument in the `Imp Done` function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** bolo-blog bolo-solo versions prior to 2.6.5 **Description** A path traversal issue exists in the ZIP File Handler component of bolo-blog bolo-solo. The issue is located in the `unpackFilteredZip` function within the `src/main/java/org/b3log/solo/bolo/prop/BackupService.java` file. Manipulating the `File` argument can lead to path traversal, and the attack can be carried out remotely. The exploit is publicly available. The project was notified of the issue but has not yet responded. **Recommendations** Update bolo-blog bolo-solo to version 2.6.5 or later. As a temporary workaround, restrict access to the `unpackFilteredZip` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** bolo-blog bolo-solo versions up to 2.6.4 **Description** A path traversal issue exists in the Filename Handler component of bolo-blog bolo-solo. The issue is located in the `importFromMarkdown` function within the file `src/main/java/org/b3log/solo/bolo/prop/BackupService.java`. Manipulation of the `File` argument can lead to path traversal, potentially allowing remote exploitation. The exploit has been published. **Recommendations** Versions prior to 2.6.4 are vulnerable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** bolo-blog bolo-solo versions up to 2.6.4 **Description** A path traversal issue exists due to the manipulation of the `File` argument within the `importFromCnblogs()` function located in the `src/main/java/org/b3log/solo/bolo/prop/BackupService.java` file of the Filename Handler component. This allows for remote exploitation. The details of the exploit have been publicly disclosed. The project maintainers were notified of the issue but have not yet responded. **Recommendations** Versions prior to 2.6.4 should be used. As a temporary workaround, consider restricting access to the `importFromCnblogs()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** bolo-blog bolo-solo versions up to 2.6.4 **Description** A flaw exists in bolo-blog bolo-solo up to version 2.6.4, specifically within the FreeMarker Template Handler component and the file `src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java`. The issue involves unrestricted file upload, potentially triggered by manipulating the `File` argument. This allows for remote exploitation. The exploit for this issue has been publicly released. The project maintainers were notified of the problem but have not yet responded. **Recommendations** Versions up to 2.6.4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** bolo-solo versions up to 2.6.4 **Description** A flaw exists in bolo-solo up to version 2.6.4 related to deserialization. The issue resides within the `importMarkdownsSync` function located in the file `src/main/java/org/b3log/solo/bolo/prop/BackupService.java` of the SnakeYAML component. This manipulation can be initiated remotely, and details of the exploit are publicly available. **Recommendations** Versions prior to 2.6.4 should be updated. As a temporary workaround, consider restricting access to the `importMarkdownsSync` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** lwj Flow (affected versions not specified) **Description** A security issue exists in lwj Flow related to unrestricted file uploads. The `uploadFile` function within the SVG File Handler component, located in the file `flow-masterflow-front-restsrcmainjavacomdragonflowwebresourceflowFormResource.java`, is susceptible to manipulation through the `File` argument. This allows for unrestricted upload capabilities and can be exploited remotely. The exploit has been publicly disclosed. The product uses a continuous delivery model, making specific version details unavailable. The project maintainers were notified of the issue but have not yet responded. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.