Xavi

**Name of the Vulnerable Software and Affected Versions** UseBB version 1.0.12 **Description** The issue allows for a login bypass due to type juggling in the `panel login.php` file. This occurs because the `!=` operator is used instead of `!==` for password hashes, leading to mishandling of hashes that begin with `0e` followed by exclusively numerical characters. **Recommendations** For UseBB version 1.0.12, consider modifying the `panel login.php` file to use the `!==` operator instead of `!=` for password hash comparisons to prevent type juggling attacks. As a temporary workaround, restrict access to the login functionality until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Siemens AG Polarion versions prior to 19.2 **Description** The issue is related to improper neutralization of input during web page generation, which could allow an attacker to exploit a reflected Cross-site Scripting (XSS) vulnerability. **Recommendations** For versions prior to 19.2, update to version 19.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Siemens AG Polarion versions prior to 19.2 **Description** The issue is related to improper neutralization of input during web page generation, which could allow an attacker to exploit a reflected Cross-site Scripting (XSS) vulnerability. **Recommendations** For versions prior to 19.2, update to version 19.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Siemens AG Polarion versions prior to 19.2 **Description** The issue is related to improper neutralization of input during web page generation, which could allow an attacker to exploit a persistent Cross-site Scripting (XSS) vulnerability. **Recommendations** For versions prior to 19.2, update to version 19.2 or later to resolve the issue.