Zetta

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 69 Firefox ESR versions prior to 68.1 **Description** The issue is related to logging-related command line parameters not being properly sanitized when Firefox is launched by another program. This can be exploited to write a log file to an arbitrary location, such as the Windows 'Startup' folder, potentially allowing for the execution of arbitrary commands. This issue only affects Firefox on Windows operating systems. **Recommendations** For Firefox versions prior to 69, update to version 69 or later to resolve the issue. For Firefox ESR versions prior to 68.1, update to version 68.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MobaXterm version 11.1 **Description** The issue allows remote attackers to execute arbitrary commands when a user visits a specially crafted URL, leveraging an argument injection vulnerability in the mobaxterm: URI handler. This can be achieved by injecting the `-exec` argument, and using additional arguments like `-hideterm` and `-exitwhendone` can make the attack less visible. **Recommendations** For MobaXterm version 11.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.