GHSA-p85q-mww9-gwqf: Citizen Short Description stored XSS vulnerability through wikitext

GHSA-prmv-7r8c-794g: Citizen vulnerable to Stored XSS through short descriptions

GHSA-67rr-84xm-4c7r: Next.JS vulnerability can lead to DoS via cache poisoning 

GHSA-r2fc-ccr8-96c4: Next.js has a Cache poisoning vulnerability due to omission of the Vary header

GHSA-rq6g-6g94-jfr4: starcitizentools/citizen-skin is vulnerable to Stored XSS attack in the legacy search bar through page descriptions

Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.

**global-modules-path Command Injection vulnerability**

High severity GitHub Reviewed Published Jan 13, 2023 • Updated Jan 13, 2023

Headline

GHSA-vvj3-85vf-fgmw: global-modules-path Command Injection vulnerability

Related news

ghsa: Latest News