Tomasz Holeksa

**Name of the Vulnerable Software and Affected Versions** DHTMLX Diagram versions prior to 1.1.1 **Description** The export module is susceptible to Path Traversal in the `src` attribute because of insufficient HTML sanitization. An unauthenticated attacker can craft a malicious HTML payload to read arbitrary local files from the server and include their content in the generated PDF. **Recommendations** Update to version 1.1.1.

**Name of the Vulnerable Software and Affected Versions** PDF Export Module versions prior to 0.7.6 **Description** The PDF Export Module used in DHTMLX Gantt and Scheduler allows unauthenticated remote code execution. The issue stems from insufficient sanitization of the `data` parameter. An attacker can inject malicious JavaScript code into this parameter, which is then processed and executed by Node.js, potentially leading to full server compromise. **Recommendations** Update to version 0.7.6. As a temporary workaround, restrict access to the `data` parameter within the PDF Export Module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PDF Export Module versions prior to 0.7.6 **Description** The PDF Export Module used in DHTMLX Gantt and Scheduler contains a path traversal flaw resulting from insufficient HTML sanitization. This allows an unauthenticated user to create a malicious HTML payload that includes local server files, which are then displayed within the generated PDF document. **Recommendations** Update to version 0.7.6.

**Name of the Vulnerable Software and Affected Versions** IBM Filenet Content Manager Component versions 5.5.8.0 through 5.5.11.0 **Description** The issue is related to incorrect restriction of a directory path name with limited access. This could allow a remote attacker to traverse directories on the system by sending a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. **Recommendations** For versions 5.5.8.0 through 5.5.11.0, consider restricting access to the affected component until a patch is available. As a temporary workaround, avoid using URL requests containing "dot dot" sequences (/../) in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Aria Operations for Networks (affected versions not specified) **Description** The issue is related to a cross-site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization. This could allow a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Aria Operations for Networks (affected versions not specified) **Description** The issue is related to a cross-site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner, potentially leading to a takeover of the user account. This vulnerability is associated with a lack of protection for the web page structure, allowing a remote attacker to perform cross-site scripting attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Content Navigator version 3.0.13 **Description** The issue allows an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. This is due to a server-side request forgery (SSRF) vulnerability. **Recommendations** For IBM Content Navigator version 3.0.13, consider restricting access to sensitive network resources to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the ability of the system to send requests to unauthorized destinations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM FileNet Content Manager versions 5.5.8 through 5.5.11 **Description** This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. **Recommendations** For versions 5.5.8 through 5.5.11, consider disabling the Web UI functionality until a patch is available to prevent exploitation of the cross-site scripting vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell EMC iDRAC9 versions prior to 4.40.00.00 **Description** The issue concerns stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected parameters. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. **Recommendations** For versions prior to 4.40.00.00, update to version 4.40.00.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected parameters to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dell EMC iDRAC9 versions prior to 4.40.00.00 **Description** The issue concerns an improper authentication vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this to manipulate the `username` field under the comment section and set the value to any user. **Recommendations** For versions prior to 4.40.00.00, update to version 4.40.00.00 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Dell EMC iDRAC9 versions prior to 4.40.10.00 **Description** The issue allows a remote authenticated malicious user with high privileges to store malicious HTML or JavaScript code through multiple affected areas while generating a certificate. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. **Recommendations** For versions prior to 4.40.10.00, update to version 4.40.10.00 or later to resolve the issue. As a temporary workaround, consider restricting access to certificate generation features to minimize the risk of exploitation. Avoid using the vulnerable application to access submitted data until the issue is resolved.