Martin Wrona

**Name of the Vulnerable Software and Affected Versions** Microsoft Office SharePoint (affected versions not specified) **Description** The software contains a flaw due to improper neutralization of input during web page generation, which can lead to cross-site scripting. An authorized attacker can exploit this to perform spoofing over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zyxel AX7501-B1 firmware versions prior to V5.17(ABPC.5.3)C0 **Description** A post-authentication command injection issue in the `zyUtilMailSend` function could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device. **Recommendations** For Zyxel AX7501-B1 firmware versions prior to V5.17(ABPC.5.3)C0, consider disabling the `zyUtilMailSend` function until a patch is available to prevent potential command injection attacks.

**Name of the Vulnerable Software and Affected Versions** Azure Database for PostgreSQL Flexible Server (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Azure Database for PostgreSQL Flexible Server. It is associated with a failure to properly clean up data at the management level. Exploitation of this issue could allow a remote attacker to execute arbitrary code and elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Azure Database for PostgreSQL Flexible Server (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in Azure Database for PostgreSQL Flexible Server. It is associated with a failure to properly clean up data at the management level. Exploitation of this issue could allow a remote attacker to execute arbitrary code and elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.