Sam Haskins

**Name of the Vulnerable Software and Affected Versions** Arq Backup versions 7.19.5.0 and below **Description** The issue allows attackers with administrative privileges to recover cleartext passwords because Arq Backup stores backup encryption passwords using reversible encryption. **Recommendations** For Arq Backup versions 7.19.5.0 and below, consider changing the backup encryption passwords and storing them securely to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mailbird versions prior to 2.7.5.0 **Description** The issue allows remote attackers to execute arbitrary JavaScript in a privileged context via a crafted HTML mail message. **Recommendations** For versions prior to 2.7.5.0, update to version 2.7.5.0 or later to resolve the issue.