Mason Corkern

Researcher from Black Lantern Security
#21830 of 53,632
10.9 Total CVSS
Vulnerabilities · 2
Medium: 2

PT-2023-24817 · CVSS 5.5 · 2023-07-14
Jami · Jami · CVE-2023-3433

**Name of the Vulnerable Software and Affected Versions**
Jami (affected versions not specified)

**Description**
The issue arises when a user inserts special characters into the `nickname` field within the Jami application, causing it to fail and resulting in a local denial of service. This prevents the application from creating the signature for the user.

**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2023-24825 · CVSS 5.4 · 2023-07-14
Microsoft · Windows Qrc Handler · CVE-2023-3434

**Name of the Vulnerable Software and Affected Versions**
Jami version 20222284

**Description**
The issue is related to improper input validation in hyperlink interpretation. This allows an attacker to send a custom HTML anchor tag to pass a string value to the Windows QRC Handler through the Jami messenger.

**Recommendations**
For Jami version 20222284, consider disabling the hyperlink interpretation feature until a patch is available to prevent exploitation. Restrict access to the Windows QRC Handler to minimize the risk of passing malicious string values. Avoid using custom HTML anchor tags in the Jami messenger until the issue is resolved.