Shashank Chaurasia

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Checkov by Prisma® Cloud (affected versions not specified) Description: A sensitive information disclosure issue exists in Palo Alto Networks Checkov by Prisma® Cloud. This can lead to the cleartext exposure of Prisma Cloud access keys in Checkov's output. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DPA version 2023.2 **Description** The issue is related to an XSS attack that was possible due to insufficient input validation. **Recommendations** For DPA version 2023.2, update to a version that includes sufficient input validation to prevent XSS attacks.

**Name of the Vulnerable Software and Affected Versions** SolarWinds Platform versions prior to 2022.3.0 **Description** The issue is related to insufficient sanitization of inputs in the QoE application input field, which could lead to stored and DOM-based XSS attacks. **Recommendations** For versions prior to 2022.3.0, update to SolarWinds Platform version 2022.3.0 to resolve the issue. As a temporary workaround, consider restricting access to the QoE application input field to minimize the risk of exploitation.