SEC Consult Vulnerability Lab Security Advisory < 20170727-1 >
===
title: Multiple vulnerabilities
product: KATHREIN - UFSconnect 916, UFSconnect 906
vulnerable version: 2.23 Build 224, 2.22 Bui
SEC Consult Vulnerability Lab Security Advisory < 20170727-0 >
===
title: Authenticated Command Injection &
Cloud User Weak Crypto & Privilege Escalation
product: Ubi
Advisory: Cross-Site Scripting in TYPO3 Formhandler Extension
RedTeam Pentesting discovered a cross-site scripting vulnerability (XSS)
in the TYPO3 extension Formhandler.
Details
===
Product: TYPO3 Formhandler
Affected Versions: 2.4.0 and probably earlier
Fixed Versions: none, project no