Moti Harmats

**Name of the Vulnerable Software and Affected Versions** Azure DevOps: msazure (affected versions not specified) **Description** Insufficiently protected credentials within Azure DevOps allow an unauthorized attacker to elevate privileges on a network. The issue involves a lack of sufficient protection for credentials, potentially enabling unauthorized access and privilege escalation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 83 Firefox ESR versions prior to 78.5 Thunderbird versions prior to 78.5 **Description** The issue arises when Firefox fails to block the execution of scripts with incorrect MIME types after the response is intercepted and cached through a ServiceWorker. This can lead to a cross-site script inclusion vulnerability or a Content Security Policy bypass. **Recommendations** For Firefox versions prior to 83, update to version 83 or later. For Firefox ESR versions prior to 78.5, update to version 78.5 or later. For Thunderbird versions prior to 78.5, update to version 78.5 or later.