Rik Lutz

**Name of the Vulnerable Software and Affected Versions** Prowise Reflect version 1.0.9 **Description** Prowise Reflect version 1.0.9 has a remote keystroke injection issue. An exposed WebSocket on port 8082 allows attackers to send keyboard events. Malicious web pages can be created to inject keystrokes, enabling attackers to open applications and type arbitrary text by sending specific WebSocket messages. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xerte Project Xerte versions 3.8.4 and earlier **Description** A Site Scripting (XSS) issue exists via the `link` parameter in `print.php`. **Recommendations** For versions 3.8.4 and earlier, consider disabling access to the `print.php` endpoint until a patch is available. Restrict input for the `link` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Xerte Project Xerte versions 3.8.4 and earlier **Description** A Remote Code Execution (RCE) issue exists via a crafted php file through `elfinder` in `connetor.php`. This allows for potential code execution. **Recommendations** For Xerte Project Xerte versions 3.8.4 and earlier, consider disabling the `elfinder` connector in `connetor.php` as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xerte versions through 3.9 **Description** An Authenticated Remote Code Execution (RCE) issue exists in the website code/php/import/fileupload.php file. This is due to the ability to upload a maliciously crafted PHP file disguised as a language file, which bypasses the upload filters. Attackers can manipulate the file's destination by exploiting path traversal in the `mediapath` variable. **Recommendations** For versions through 3.9, consider disabling the file upload feature in the project interface until a patch is available. Restrict access to the `fileupload.php` file to minimize the risk of exploitation. Avoid using the `mediapath` variable in the affected API endpoint until the issue is resolved.