X00Nullbit

**Name of the Vulnerable Software and Affected Versions** TrueConf Server version 5.5.2.10813 **Description** A CSV Formula Injection issue exists in TrueConf Server. A standard user can inject harmful spreadsheet formulas into exported chat logs by using a specially crafted Display Name. The vulnerability allows for the injection of malicious formulas when exporting chat logs. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, sanitize the Display Name field to prevent the injection of spreadsheet formulas.

**Name of the Vulnerable Software and Affected Versions** TrueConf Client version 8.5.2 **Description** The software is susceptible to a DLL hijacking issue. A crafted `wfapi.dll` file can be used by a local attacker to execute arbitrary code with the privileges of the user. The attack involves exploiting a weakness in how the application loads dynamic link libraries. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, ensure the application directory and its subdirectories have restricted permissions to prevent unauthorized modification of DLL files.

**Name of the Vulnerable Software and Affected Versions** TrueConf Server version 5.5.2.10813 **Description** A Stored Cross-Site Scripting (XSS) issue exists in the Meeting location field within the Create/Edit Conference functionality. The issue is due to improper sanitization of user-supplied input in the `meeting room` parameter. An attacker can inject a malicious payload into the `meeting room` parameter, which is then stored and executed when users access the Conference Info page. Successful exploitation of this issue can lead to full Account Takeover (ATO). **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting or disabling the Create/Edit Conference functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** TrueConf versions 5.5.2.10813 **Description** A flaw exists in TrueConf server version 5.5.2.10813 that allows for the injection of arbitrary HTML code through the conference description field. This issue is present in the Create/Edit conference functionality and is triggered when a victim accesses the Conference Info page at the URL `/info`. The injected HTML can be used to compromise the integrity of the displayed information. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, sanitize all user-supplied input for the conference description field to prevent HTML injection.