Rick Verdoes

**Name of the Vulnerable Software and Affected Versions** Check Point Gaia Portal (affected versions not specified) **Description** The issue is related to a command injection vulnerability in the Check Point Gaia Portal. It allows a local user to potentially escalate privileges using the Gaia Portal hostnames page. The vulnerability is due to the failure to neutralize special elements used in the operating system command when processing the `hostname` parameter. This could enable a remote attacker to execute arbitrary commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BigBlueButton versions prior to 2.4.8 BigBlueButton versions prior to 2.5.0 **Description** BigBlueButton is an open source web conferencing system. Users in meetings with private chat enabled are vulnerable to a cross site scripting attack in affected versions. The attack occurs when the attacker starts a chat, and in the victim's client, the JavaScript will be executed. **Recommendations** For versions prior to 2.4.8, update to version 2.4.8 or later to resolve the issue. For versions prior to 2.5.0, update to version 2.5.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** DAViCal versions through 1.1.8 **Description** A stored XSS issue was discovered in DAViCal. It does not adequately sanitize output of various fields that can be set by unprivileged users, making it possible for JavaScript stored in those fields to be executed by another user. Affected database fields include `Username`, `Display Name`, and `Email`. The vulnerability is related to insufficient protection measures for web page structures, which can be exploited by a remote attacker to impact data integrity through a specially crafted HTML page. **Recommendations** For versions through 1.1.8, update to a version that adequately sanitizes output of user-set fields to prevent stored XSS attacks. As a temporary workaround, consider restricting access to the `Username`, `Display Name`, and `Email` fields to minimize the risk of exploitation. Avoid using these fields in a way that could allow JavaScript execution until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** DAViCal versions through 1.1.8 **Description** A CSRF issue was discovered in DAViCal. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. This could allow the attacker to add a new admin user if the attacked user is an administrator. The vulnerability is related to deficiencies in the mechanisms against cross-site request forgery, which can be exploited by a remote attacker to gain unauthorized access to confidential data, cause a denial of service, and impact data integrity through a specially crafted HTML page. **Recommendations** For versions through 1.1.8, as a temporary workaround, consider implementing additional CSRF protection measures, such as token-based validation, to prevent unauthorized requests. At the moment, there is no information about a newer version that contains a fix for this vulnerability.