Mtausig

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch.

**Name of the Vulnerable Software and Affected Versions** Iris versions prior to 2.4.28 **Description** Iris is a web collaborative platform designed for incident responders to share technical details during investigations. The software contains an open redirect flaw that allows an attacker to redirect users to a malicious website under the attacker's control. **Recommendations** Update to version 2.4.28.

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 do not properly validate uploaded files. The application can therefore be misused to host phishing pages, amongst other things. This also creates another instance of a Cross-Site Scripting (XSS) vulnerability. Version 2.4.28 contains a patch.

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assigned to them. This can be abused to falsely attribute fake alerts to customers. In combination with Cross-Site Scripting, this can also be used to exfiltrate alerts from other customers. Version 2.4.28 contains a patch.

**Name of the Vulnerable Software and Affected Versions** IRIS versions prior to 2.4.28 **Description** IRIS is a web collaborative platform designed for incident responders to share technical details during investigations. The software is susceptible to a cross-site request forgery attack, which occurs when an attacker tricks a user into performing actions they did not intend to do, because the application uses the `GET` HTTP method to change state on the server. **Recommendations** Update to version 2.4.28.

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in the database via manipulated API requests. Version 2.4.28 contains a patch.

Name of the Vulnerable Software and Affected Versions: File Browser versions 2.32.0 and prior Description: The issue concerns the implementation of password-protected links in File Browser, which is error-prone and can result in potential unprotected sharing of a file through a direct download link. This link can be shared unknowingly by a user or discovered from various locations such as the browser history or the log of a proxy server used. Recommendations: For versions 2.32.0 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.33.7 Description: The issue arises from File Browser not explicitly setting file access permissions for uploaded or created files, as well as its database. This results in files being readable by any operating system account on standard servers where the umask configuration has not been hardened, prior to version 2.33.7. Recommendations: For versions prior to 2.33.7, update to version 2.33.7 to resolve the issue. As a temporary workaround, consider hardening the umask configuration on the server to restrict file access permissions until the update can be applied.

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.33.7 Description: The Markdown preview function of File Browser is vulnerable to Stored Cross-Site-Scripting (XSS). Any JavaScript code that is part of a Markdown file uploaded by a user will be executed by the browser. Recommendations: For versions prior to 2.33.7, update to version 2.33.7 to resolve the issue. As a temporary workaround, consider disabling the Markdown preview function until the update is applied. Restrict access to uploading Markdown files to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: File Browser version 2.32.0 Description: The issue concerns the Command Execution feature in File Browser, which allows the execution of shell commands predefined on a user-specific allowlist. However, many tools can execute arbitrary commands, rendering this limitation ineffective. The impact depends on the commands granted to the attacker, but most users with `Execute commands` permissions can exploit this, gaining full code execution rights with the server process's uid. Recommendations: For version 2.32.0, completely disable `Execute commands` for all accounts as a temporary workaround. Consider operating File Browser from a distroless container image as a defense-in-depth measure if command execution is not required. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.34.1 Description: The issue concerns a missing password policy and brute-force protection in the authentication process, making it insecure. Attackers could potentially mount a brute-force attack to retrieve the passwords of all accounts in a given instance. Recommendations: For versions prior to 2.34.1, update to version 2.34.1 to resolve the issue. As a temporary workaround, consider implementing additional security measures to protect against brute-force attacks, such as limiting login attempts or using external authentication methods.

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.33.9 Description: The issue concerns the leakage of JSON Web Tokens (JWT) used as session identifiers due to their inclusion as GET parameters in URLs. This leakage can occur when a user accesses certain URLs, allowing an attacker with access to these URLs to gain full access to the user's account and sensitive files. Recommendations: For versions prior to 2.33.9, update to version 2.33.9 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions:** File Browser versions 1.11.0 and earlier, and 2.32.0 through 2.35.0 **Description:** File Browser provides a file managing interface. The Command Execution feature allows the execution of shell commands without proper scope restrictions, potentially granting an attacker read and write access to all files managed by the server, including password hashes. Exploitation may lead to database compromise, password extraction, or user impersonation. Approximately 3300 instances of File Browser in Runet are estimated to be vulnerable, with over 71% potentially susceptible to attack. **Recommendations:** File Browser versions 1.11.0 and earlier: At the moment, there is no information about a newer version that contains a fix for this vulnerability. File Browser versions 2.32.0 through 2.35.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Disable the `Execute commands` function for all accounts. Operate File Browser from a distroless container image if command execution is not required. Restrict the File Browser process when it is started, for example, by using user namespaces and Bubblewrap. Configure strict file and database permissions.

Name of the Vulnerable Software and Affected Versions: File Browser versions prior to 2.33.10 Description: The issue affects the implementation of the allowlist in File Browser, allowing unauthorized execution of shell commands. The impact depends on the configured commands and installed binaries on the server or container image. Due to the lack of separation of scopes on the OS-level, an attacker could access all files managed by the application, including the File Browser database. Recommendations: For versions prior to 2.33.10, update to version 2.33.10 to resolve the issue.