Paweł Zdunek

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue is related to Reflected XSS (Cross-site Scripting) attacks. It occurs when a user creates new form fields, which can introduce new parameters vulnerable to XSS attacks. If a user is tricked into filling such a form with a malicious script, the code will be executed in their context. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting the use of the functionality that allows creating new form fields to minimize the risk of exploitation. Avoid using this functionality until the issue is resolved by updating to the patched version.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue allows an attacker with access to a user's browser to set an arbitrary session cookie value, potentially leading to account takeover. The system's failure to destroy old sessions when creating new ones expands the time frame for a possible attack. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to sensitive features until the update is applied.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue concerns a Stored XSS (Cross-site Scripting) attack. An attacker can trick a user into filling a form designed for setting delivery address with a malicious script, causing the script to run in the user's context. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to the form designed for setting delivery address to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue concerns a Reflected XSS (Cross-site Scripting) attack. An attacker could trick a user into filling a form designed for resetting the user's password with a malicious script, causing the script to run in the user's context. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to the password reset form until the update is applied. Avoid using the form for resetting user passwords until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue is related to client-side Denial of Service (DoS) attacks. An attacker can trick a user into using a URL with a `d` parameter set to an unhandled value, causing the server to return an error message and preventing subsequent requests from being accepted. This issue persists until the session expires or the user manually deletes cookies. A similar effect can be achieved when a user attempts to change the platform language to an unimplemented one. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider clearing session cookies to restore functionality. Avoid using URLs with unhandled `d` parameter values and refrain from attempting to change the platform language to unimplemented options until the update is applied.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue is related to Reflected XSS (Cross-site Scripting) attacks. An attacker can craft a link with a malicious script that gets embedded in references to other resources, causing the script to run in the user's context multiple times. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable resources to minimize the risk of exploitation. Avoid using links from untrusted sources to prevent the embedding of malicious scripts.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue is related to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a login form with a malicious script, which causes the script to run in the user's context. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to the login form to minimize the risk of exploitation. Avoid using the login form until the issue is resolved by updating to the patched version.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue is related to Stored XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for changing user's data with a malicious script, which causes the script to run in the user's context. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to forms that allow user data changes to minimize the risk of exploitation. Avoid using malicious scripts in the affected forms until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0 Description: The issue is related to Reflected XSS (Cross-site Scripting) attacks. An attacker might trick a user into filling a form designed for adding users with a malicious script, which causes the script to run in the user's context. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to the user addition form to minimize the risk of exploitation. Avoid using the form for adding users until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS versions prior to 79.0 Description: The issue is related to a Reflected XSS (Cross-site Scripting) attack. An attacker can trick a user into filling a form sent to the login panel at "/softcom/" with a malicious script, causing the script to run in the user's context. Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider restricting access to the "/softcom/" endpoint to minimize the risk of exploitation. Avoid using the login panel until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** A vulnerability has been discovered in Windows Virtualization-Based Security. The issue was disclosed on 2025-02-25 and a patch was released in February 2025 Patch Tuesday. It was discovered by Alex Ionescu. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: GraphQL (affected versions not specified) Description: A vulnerability was found in GraphQL due to improper access controls on the `graphql introspection query`. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `graphql introspection query` to minimize the risk of exploitation. Apply available patches immediately to mitigate risks.

Name of the Vulnerable Software and Affected Versions: OpenShift (affected versions not specified) Description: A denial of service (DoS) issue was found in OpenShift, related to the GraphQL batching functionality. This allows attackers to send multiple queries within a single request, potentially submitting a request with thousands of aliases in one query. The issue leads to excessive resource consumption, causing application unavailability for legitimate users. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. This is due to a lack of protection for the web page structure. Recommendations: For IBM InfoSphere Information Server version 11.7, consider disabling access to the Web UI until a patch is available to prevent potential exploitation. Restrict access to sensitive areas of the application to minimize the risk of credentials disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. This is due to a lack of protection for the web page structure. Recommendations: For IBM InfoSphere Information Server version 11.7, consider disabling access to the Web UI until a patch is available to prevent potential exploitation. Restrict access to sensitive areas of the application to minimize the risk of credentials disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session. This is due to a lack of protection for the web page structure. The vulnerability can be exploited by a remote attacker to disclose credentials in a trusted session. Recommendations: For IBM InfoSphere Information Server version 11.7, update to a version that includes a fix for this issue, as the current version is vulnerable to cross-site scripting. As a temporary workaround, consider restricting access to the Web UI to minimize the risk of exploitation.