Nick Manfredi

Name of the Vulnerable Software and Affected Versions: Bitmask Riseup VPN version 0.21.6 Description: The issue is related to improper access controls in the software. When installed in a non-default directory off the system root, the installer fails to properly set Access Control Lists (ACLs). This allows lower privileged users to replace the VPN executable with a malicious one. If a higher privileged user, such as an Administrator, launches the malicious executable, it is possible for the lower privileged user to escalate to Administrator privileges. Recommendations: For Bitmask Riseup VPN version 0.21.6, consider restricting access to the VPN executable until a patch is available. As a temporary workaround, ensure that the installation directory has proper ACLs set to prevent lower privileged users from replacing the executable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: OpenOversight version 0.6.4 Description: The issue allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. This is achieved through cross-site request forgery. Recommendations: For OpenOversight version 0.6.4, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TCExam version 14.2.2 **Description** The issue is related to insufficient output sanitization, allowing a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks. This can be achieved by creating a crafted test. **Recommendations** For TCExam version 14.2.2, update to a version that addresses the insufficient output sanitization issue to prevent persistent cross-site scripting (XSS) attacks.

**Name of the Vulnerable Software and Affected Versions** TCExam version 14.2.2 **Description** The issue is related to insufficient output sanitization, allowing a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks. This can be achieved by creating a crafted group. **Recommendations** For TCExam version 14.2.2, update to a version that addresses the insufficient output sanitization issue to prevent persistent cross-site scripting (XSS) attacks.

**Name of the Vulnerable Software and Affected Versions** TCExam version 14.2.2 **Description** The issue is related to insufficient output sanitization, allowing a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks. This can be achieved by creating a crafted test. **Recommendations** For TCExam version 14.2.2, update to a version that addresses the insufficient output sanitization issue to prevent persistent cross-site scripting attacks.

**Name of the Vulnerable Software and Affected Versions** TCExam version 14.2.2 **Description** The issue allows a remote, authenticated attacker to read the contents of arbitrary files on disk due to a Relative Path Traversal. **Recommendations** For TCExam version 14.2.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Harbor (affected versions not specified) **Description** A User Enumeration flaw exists, allowing information about registered users to be obtained via the "search" functionality in the "/users" API endpoint, which is supposed to be restricted to administrators. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.