Mdavistffhrtporg

**Name of the Vulnerable Software and Affected Versions** OpenSift versions prior to 1.6.3-alpha **Description** OpenSift is an AI study tool that uses semantic search and generative AI to process large datasets. Versions of OpenSift prior to 1.6.3-alpha had path-injection risks in file read, write, and delete operations due to inconsistent base-directory containment enforcement in multiple storage helpers. This could allow malicious path-like values to be introduced, potentially leading to unauthorized file system access. **Recommendations** Update to version 1.6.3-alpha or later.

**Name of the Vulnerable Software and Affected Versions** OpenSift versions prior to 1.6.3-alpha **Description** OpenSift is an AI study tool that uses semantic search and generative AI to process large datasets. The URL ingest pipeline had insufficient restrictions on user-controlled remote URLs, creating potential Server-Side Request Forgery (SSRF) vulnerabilities in deployments that are not limited to localhost. Specifically, the pipeline lacked restrictions for credentialed URLs, non-standard ports, and cross-host redirects, despite having some private/local host checks. The issue was addressed in version 1.6.3-alpha. **Recommendations** Update to version 1.6.3-alpha or later.

**Name of the Vulnerable Software and Affected Versions** OpenSift versions 1.1.2-alpha and below **Description** OpenSift, an AI study tool, uses non-atomic and insufficiently synchronized local JSON persistence flows in versions 1.1.2-alpha and earlier. This can lead to concurrent operations losing updates or corrupting local state across sessions, impacting study, quiz, flashcard, wellness, and authentication stores. **Recommendations** Update to version 1.1.3-alpha or later.

**Name of the Vulnerable Software and Affected Versions** OpenSift versions 1.1.2-alpha and below **Description** OpenSift is an AI study tool that utilizes semantic search and generative AI to process large datasets. The application renders untrusted user and model content in its chat tool user interface using unsafe HTML interpolation, resulting in a cross-site scripting (XSS) condition. Stored content can execute JavaScript when viewed in authenticated sessions. An attacker influencing stored study, quiz, or flashcard content could trigger script execution in a victim’s browser, potentially allowing actions to be performed as that user within the application session. **Recommendations** Update to version 1.1.3-alpha or later.

**Name of the Vulnerable Software and Affected Versions** OpenSift versions 1.1.2-alpha and below **Description** OpenSift is an AI study tool that uses semantic search and generative AI to process large datasets. The software’s URL ingest feature in versions 1.1.2-alpha and earlier exhibits overly permissive server-side fetch behavior, potentially allowing requests to unsafe targets. This can lead to probing of private or local network resources from the OpenSift host process when processing attacker-controlled URLs. The API endpoint responsible for URL ingestion is susceptible to this issue. The vulnerable parameter is the URL itself, which is used in a server-side fetch operation. **Recommendations** Update to version 1.1.3-alpha or later. If using trusted local-only exceptions, use `OPENSIFT ALLOW PRIVATE URLS=true` with caution.