Pontus Hanssen

**Name of the Vulnerable Software and Affected Versions** Syncope versions prior to 3.0.9 **Description** The issue allows an attacker to bypass HTML sanitization by using incomplete HTML tags when editing objects in the Syncope Console. This enables the injection of stored XSS payloads, which can trigger for other users during normal application usage. Additionally, XSS payloads can be injected in Syncope Enduser when editing "Personal Information" or "User Requests", and these payloads can trigger for administrators in Syncope Console, allowing session hijacking. **Recommendations** For versions prior to 3.0.9, upgrade to version 3.0.9 to fix the issue. As a temporary workaround, consider restricting the editing of objects in the Syncope Console and limiting access to the "Personal Information" and "User Requests" sections in Syncope Enduser to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Keycloak (affected versions not specified) **Description** A flaw was found in Keycloak, which may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form post.jwt". This could be used to bypass the security patch implemented to address a previous issue. The attacker can exploit this by changing the response mode parameter in the original proof of concept from "form post" to "form post.jwt". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.