ATI Update ATI-2022-14

Name	Category	Info
edX Jun 2022	Voice/Video/Media	edX is an American massive open online course provider created by Harvard and MIT.
OperaVPN Jun22	Security	Opera is a multi-platform web browser developed by its namesake company Opera. It comes with a free browser VPN built into the desktop client. Users can toggle the VPN option and browse anonymously from anywhere.
XiaoHongShu Mobile Jun 2022	Voice/Video/Media	XiaoHongShu is a Chinese on-line life experience sharing platform.

Name	Category	Tags	Info
edX Jun 2022	Voice/Video/Media	SimulatedTLS	edX is an American massive open online course provider created by Harvard and MIT.
OperaVPN Jun22	Security	Security	Simulates the use of the Opera desktop client as of June 2022 where a user opens the browser, turns the VPN on and starts browsing the internet.
XiaoHongShu Mobile Jun 2022	Voice/Video/Media	SimulatedTLS	XiaoHongShu is a Chinese on-line life experience sharing platform.

CVSS	ID	References	Category	Info
6.8	E22-ccxj1	CVE-2021-30551 CVSS CVSSv3 CWE-843 URL	Exploits	This strike exploits a memory corruption vulnerability in Google Chrome browsers. The vulnerability is due to type confusion in the V8 engine. The vulnerability can be found in the SetPropertyInternal function due to an interceptor. An attacker could exploit this vulnerability by convincing a user to open a malicious HTML page, which could lead to remote code execution.
3.5	E22-7p7i1	CVE-2019-13182 CVSS CVSSv3 CWE-79 URL	Exploits	This strike exploits a stored cross-site scripting vulnerability in the SolarWinds Serv-U FTP Server. The vulnerability is due to incorrect input validation prior to using the %USER_FULL_NAME% macro to render the Web UI. A remote, authenticated attacker could exploit this vulnerability by embedding malicious script code. A successful attack may result in the execution of script code in the security context of the target user.