Omar Hashim

**Name of the Vulnerable Software and Affected Versions** Linear eMerge E3-Series versions 0.32-07e through 0.32-09c **Description** The issue is related to the lack of protection for the web page structure, allowing a remote attacker to conduct a cross-site scripting (XSS) attack. This can be exploited to inject malicious scripts into the website. The estimated number of potentially affected devices is not specified. **Recommendations** For Linear eMerge E3-Series versions 0.32-07e through 0.32-09c, consider disabling access to vulnerable web pages until a patch is available. Restrict access to the web interface to minimize the risk of exploitation. Avoid using the web interface for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nortek Linear eMerge E3-Series versions 0.32-07e through 0.32-09c **Description** The issue is related to a cross-site scripting (XSS) vulnerability that is chained with a local session fixation, allowing attackers to escalate privileges via unspecified vectors. **Recommendations** For versions 0.32-07e through 0.32-09c, at the moment, there is no information about a newer version that contains a fix for this vulnerability.