Rahul Raj

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 148.0.7778.216 **Description** An integer overflow in ANGLE allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. **Recommendations** Update to version 148.0.7778.216 or later.

**Name of the Vulnerable Software and Affected Versions** Cisco Registered Envelope Service versions 5.3.4.x **Description** The issue is related to insufficient validation of user-supplied input by the web-based interface, allowing an attacker to conduct a cross-site scripting (XSS) attack. This could enable the execution of arbitrary script code or access to sensitive information by sending a specially crafted email. **Recommendations** For versions 5.3.4.x, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the web-based interface of the Cisco Registered Envelope Service to minimize the risk of exploitation. Avoid using the service to send or receive sensitive information until the issue is resolved.