Pratiksha Dhone

**Name of the Vulnerable Software and Affected Versions** Artica Proxy CE versions prior to 4.28.030.418 **Description** An issue exists where SQL Injection is possible via the `Netmask`, `Hostname`, and `Alias` fields. **Recommendations** For versions prior to 4.28.030.418, update to version 4.28.030.418 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Artica Proxy CE versions prior to 4.28.030.418 **Description** A reflected XSS issue exists in the search fields for real time request, System Events, Proxy Events, Proxy Objects, and Firewall objects. **Recommendations** For versions prior to 4.28.030.418, update to version 4.28.030.418 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Artica Proxy versions prior to 4.30.000000 **Description** An issue exists in the software where stored XSS is possible via several fields, including the Server Domain Name, `Your Email Address`, `Group Name`, `MYSQL Server`, `Database`, `MYSQL Username`, `Group Name`, and `Task Description` fields. **Recommendations** For versions prior to 4.30.000000, update to version 4.30.000000 or later to resolve the issue. As a temporary workaround, consider restricting input to the mentioned fields to minimize the risk of exploitation. Avoid using the vulnerable fields in the affected versions until the issue is resolved.