Ryantzj

**Name of the Vulnerable Software and Affected Versions** CheckSec Canopy versions prior to 3.0.7 **Description** The issue allows for stored XSS attacks via the Login Page Disclaimer, enabling low-privileged users to target higher-privileged users. **Recommendations** For versions prior to 3.0.7, update to version 3.0.7 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: SyncBreeze Enterprise versions prior to 10.3.14 Description: A buffer overflow issue exists in the `Add command` functionality. This can be triggered by an authenticated attacker submitting a command name with more than 5000 characters, potentially causing the SyncBreeze Enterprise server to terminate and possibly allowing remote command execution with SYSTEM privilege. Recommendations: For versions prior to 10.3.14, update to a version that contains a fix for this issue to prevent potential remote command execution. As a temporary workaround, consider restricting the length of command names submitted to the `Add command` functionality to prevent buffer overflow.