Maxime Nadeau

Name of the Vulnerable Software and Affected Versions: angular-expressions versions prior to 1.1.2 Description: The issue allows Remote Code Execution if `expressions.compile(userControlledInput)` is called where `userControlledInput` is text that comes from user input. The security of the package could be bypassed by using a more complex payload, using a `.constructor.constructor` technique. If running angular-expressions in the browser, an attacker could run any browser script when the application code calls `expressions.compile(userControlledInput)`. If running angular-expressions on the server, an attacker could run any Javascript expression, thus gaining Remote Code Execution. Recommendations: To resolve the issue, upgrade to version 1.1.2 of angular-expressions. As a temporary workaround, consider disabling user-controlled input that will be fed into angular-expressions in your application. Alternatively, restrict the `userControlledInput` to only allow specific characters, such as those matching the regex `/^[|a-zA-Z.0-9 :"'+-?]+$/`.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to errors in privilege management within the Windows Update Stack component of Windows operating systems. This can allow a remote attacker to elevate their privileges. The vulnerability enables attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Pulse Connect Secure and Pulse Policy Secure versions prior to 9.1R8.2 **Description** A vulnerability in the authenticated user web interface could allow attackers to conduct Cross-Site Scripting (XSS). **Recommendations** For Pulse Connect Secure and Pulse Policy Secure versions prior to 9.1R8.2, update to version 9.1R8.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Pulse Connect Secure versions prior to 9.1R8.2 **Description** A vulnerability in the Pulse Connect Secure admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability. **Recommendations** For versions prior to 9.1R8.2, update to version 9.1R8.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Angular Expressions versions prior to 1.0.1 **Description** The issue allows for remote code execution if `expressions.compile(userControlledInput)` is called where `userControlledInput` is text from user input. In a browser environment, an attacker could run any browser script when the application code calls `expressions.compile(userControlledInput)`. On a server, an attacker could run any Javascript expression, thus gaining remote code execution. **Recommendations** For versions prior to 1.0.1, upgrade to version 1.0.1 of angular-expressions. As a temporary workaround, consider disabling user-controlled input that will be fed into angular-expressions in your application. Alternatively, restrict `userControlledInput` to only allow specific characters by using a regular expression filter, such as `if (/^[|a-zA-Z.0-9 :"+'-?]+$/.test(userControlledInput))`.