Owen H

Name of the Vulnerable Software and Affected Versions: WebITR from Uniong (affected versions not specified) Description: The issue allows unauthorized remote attackers to exploit an Open Redirect vulnerability, which can be used to forge URLs. Users, believing they are accessing a trusted domain, can be redirected to another page, potentially leading to phishing attacks. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Soar Cloud HR Portal (affected versions not specified) Description: The notification emails sent by Soar Cloud HR Portal contain a link with an embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.