Zewei Zhang

**Name of the Vulnerable Software and Affected Versions** ManageEngine SharePoint Manager Plus versions 4503 and prior **Description** The issue is an authenticated XML External Entity (XXE) vulnerability in the Management option. This vulnerability impacts specific versions of the software, allowing potential exploitation. Users are urged to update to the latest versions and follow remediation guidelines to mitigate risks. **Recommendations** For ManageEngine SharePoint Manager Plus versions 4503 and prior, update to the latest version to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the Management option until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Zohocorp ManageEngine DDI Central versions 4001 and prior **Description** The issue allows a user to upload new files to the server folder due to a directory traversal vulnerability. **Recommendations** For versions 4001 and prior, consider restricting access to the server folder to minimize the risk of exploitation until a fix is available. As a temporary workaround, avoid using the upload functionality in the affected software until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zohocorp ManageEngine DDI Central versions 4001 and prior **Description** The issue is related to an agent takeover vulnerability due to the presence of hard-coded sensitive keys. **Recommendations** For versions 4001 and prior, consider restricting access to sensitive areas of the system until a fix is available. As a temporary workaround, review and update any hard-coded sensitive keys to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Joomla! versions 4.0.0 through 4.2.7 **Description** An improper access check exists in Joomla! versions 4.0.0 through 4.2.7, allowing unauthorized access to webservice endpoints. Attackers can exploit this issue to gain access to sensitive information. A proof-of-concept (PoC) exploit involves sending a request to the `/api/index.php/v1/config/application?public=true` **API Endpoint** with the `public` parameter set to `true`. The GambleForce threat actor has been observed attempting to exploit this vulnerability, along with others, in attacks against websites in the Asia-Pacific region. While they attempted to exploit this vulnerability in Brazil, they were unsuccessful in extracting data. The vulnerability could potentially lead to code execution. Approximately 127,548 Joomla installations are potentially exposed according to ZoomEye data. **Recommendations** Update to a version later than 4.2.7.

**Name of the Vulnerable Software and Affected Versions** Spring Tools 4 for Eclipse version 4.16.0 and below Spring Boot Tools version 1.39.0 and below Concourse CI Pipeline Editor version 1.39.0 and below Bosh Editor version 1.39.0 and below Cloudfoundry Manifest YML Support version 1.39.0 and below **Description** The issue concerns the use of the Snakeyaml library for YAML editing support, which allows for special syntax in YAML files. Under certain circumstances, this can lead to potentially harmful remote code execution by an attacker. **Recommendations** For Spring Tools 4 for Eclipse version 4.16.0 and below, update to a version above 4.16.0 to resolve the issue. For Spring Boot Tools version 1.39.0 and below, update to a version above 1.39.0 to resolve the issue. For Concourse CI Pipeline Editor version 1.39.0 and below, update to a version above 1.39.0 to resolve the issue. For Bosh Editor version 1.39.0 and below, update to a version above 1.39.0 to resolve the issue. For Cloudfoundry Manifest YML Support version 1.39.0 and below, update to a version above 1.39.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Spring Data MongoDB (affected versions not specified) **Description** The issue is related to errors in processing SpEL expressions, which can be exploited by a remote attacker to execute arbitrary code by sending a specially crafted SpEL request. This can occur when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding, if the input is not sanitized. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.