Thorger Jansen

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue concerns an application's up- and downvote function, which modifies a value in a JSON file. Due to improper filtering of POST parameters, an arbitrary file can be overwritten. An authenticated attacker can control the file but not its content. The vulnerability allows overwriting files that the webserver has write access to, requiring a relative path (path traversal) to be supplied. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Software (affected versions not specified) **Description** The issue allows for reflected XSS execution when LDAP authentication is activated in the configuration. This can be achieved by creating a custom URL that, when opened by the victim, executes arbitrary JavaScript code in the victim's browser. The fault lies in the file login.php, where the content of `$ SERVER['PHP SELF']` is reflected into the website's HTML, enabling exploitation without the need for a valid account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned. **Description** The application does not change the session token when using the login or logout functionality. An attacker can set a session token in the victim's browser, for example via XSS, and prompt the victim to log in, resulting in the victim's account being taken over. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.