The Drupal security team released an advisory that addresses the WebProfiler Cross Site Scripting vulnerability. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all web admins to review and implement the updates.

WSO2 released security updates that addresses the ‘unrestricted file upload’ vulnerability affecting WSO2 products: API Manager, Identity Server, Identity Server Analytics, Identity Server as Key Manager and Enterprise Integrator.

Drupal released security updates that address Drupal 9.2 and 9.3. The Uganda National CERT and Coordination Center (CERT.UG/CC) strongly advises all Web & Sys admins to review and implement the updates.

Oracle released a critical patch (cumulative) update that addresses multiple vulnerabilities. Malicious actors are actively exploiting these vulnerabilities.

The GitLab team released security updates that address a critical security vulnerability that could be exploited by a malicious actor to seize control of accounts.

Malicious actors are actively exploiting a critical vulnerability in Apache Log4j Version 2.15.0 . This exploit may lead to remote code execution on targeted servers running the vulnerable Log4j version.