Marc Olivier Bergeron

**Name of the Vulnerable Software and Affected Versions** Island Lake WebBatch versions prior to 2025C **Description** Island Lake WebBatch is susceptible to Remote Code Execution through a crafted URL. **Recommendations** Update Island Lake WebBatch to version 2025C or later.

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions prior to 2021.1 Devolutions Server LTS versions prior to 2020.3.18 Description: The issue allows an administrative user to execute arbitrary SQL commands via a `username` in the "api/security/userinfo/delete" endpoint. Recommendations: For Devolutions Server versions prior to 2021.1, update to version 2021.1 or later. For Devolutions Server LTS versions prior to 2020.3.18, update to version 2020.3.18 or later. As a temporary workaround, consider restricting access to the "api/security/userinfo/delete" endpoint until a patch is available.